A firewall should be as independent of other computers as possible. At the same time, the person who changes the configuration of the firewall may want to use names for the computers instead of IP addresses. Also, the SIP module needs to look up names of SIP domains. This makes it necessary to use a DNS (name server) for SIP requests.
There are three instances when Ingate Firewall uses a DNS server:
When it receives a SIP request for a SIP domain.
The results of these DNS queries are stored for a short while in the firewall.
When you change names/IP addresses and save the page.
The results of these DNS queries are stored in the firewall.
When you click on Look up all IP addresses again.
The results of these DNS queries are stored in the firewall.
When negotiations start for an IPsec tunnel where the IPsec peer has a dynamic DNS name.
The results of these DNS queries are stored in the firewall.
Ingate Firewall is dependent of a working name server for the SIP functions. However, it doesn't automatically look up IP addresses in the configuration, which makes it necessary to click on Look up all IP addresses again every time a computer changes its IP address.
An exception to this is the IPsec Peers page, where you can configure the firewall to look up IP addresses dynamically. The IP address of the peer is then looked up whenever an IPsec connection is negotiated.
When you enter IP addresses in the firewall, they are not updated automatically. If you change a name/IP address in a row, the row is updated when you click on Save, switch to another page of the firewall user interface, or click on Look up all IP addresses again.