Guides
Secure Access Help Center

Manage DDNS Servers

Cisco Secure Access protects the DNS traffic in your organization. When a device uses DHCP IP addressing, the assigned IP address can change when the DHCP lease is renewed. When the device needs to be reachable using a fully qualified domain name (FQDN), the IP address change can cause the DNS server resource records (RRs) to become stale.

Dynamic DNS (DDNS) provides a mechanism to update DNS RRs whenever the IP address or hostname changes. Add DDNS servers to resolve DNS requests to internet resources. When adding these DDNS servers, DDNS Server 1 resolves before DDNS Server 2. Provide DDNS servers that could resolve both IPv4 and IPv6 if applicable. You can also use DDNS for static IP addressing.

Table of Contents

Prerequisites

About Configuring DDNS Servers

Add a DDNS Server Group

The following procedure describes how to add a DDNS server group managed by Secure Access.

  1. Navigate to Connect End User Connectivity, click Manage Servers and choose DDNS Servers.

  1. Click + Add.

  2. Enter a label for the DDNS server group name; for DDNS Server 1 provide the IP address of the primary DDNS server. If you have a secondary DDNS server, add an IP address for DDNS Server 2.

  3. Enter the TSIG key configuration for this DDNS server group. Enter a label for the Key name and select the Algorithm to use, and the enter the Secret key.
    TSIG (transaction signature) key configuration (defined in RFC 2845) enables the DNS to authenticate updates to a DNS database. It is most commonly used to update Dynamic DNS or a secondary DNS server.

  1. Click Save.

View DDNS Servers

You can view the DDNS servers that are configured for your organization. Your DNS traffic routes through the DDNS servers managed by Secure Access.

  1. Navigate to Connect > End User Connectivity, click Manage Servers and choose DDNS Servers.
  1. The list of configured DDNS servers is displayed.
  1. From the list you can click Add to add a new entry, or click the edit icon to Edit or the trash can icon to Delete a DDNS server group entry.
  2. Click Close to dismiss the list.

Edit a DDNS Server

You can edit the attributes for a DDNS server group entry.

  1. Navigate to Connect > End User Connectivity, click Manage Servers and choose DDNS Servers.
  1. Click the Edit icon for a DDNS server entry.
  1. You can modify the label for the DDNS server group in the DDNS server group name field as well as modify the IP address of the primary and secondary DDNS servers as needed for DDNS Server 1 and DDNS Server 2.
  2. Click Save.

Map DNS Servers to Regions < Manage DDNS Servers > Map DDNS Servers to Regions

Updated 3 days ago