After installation, your DNS will change. Here's why!
After you install the Cisco Umbrella roaming client you'll notice that the IP address gets changed to localhost or 127.0.0.1, otherwise known as the loopback interface. This is normal and expected behavior.
The Umbrella roaming client runs as a local service which is used as a local resolver and DNS forwarder, encrypting and authenticating requests using the DNSCrypt protocol. Requests are then forwarded to Umbrella’s anycast IPs, with the replies returned to the host through the loopback interface. This essentially makes the Umbrella roaming client a DNS Proxy, which is why you see the DNS change to localhost/127.0.0.1. The DNSCrypt protocol makes all of your transactions secure.
How to resolve internal hosts when using the Umbrella Roaming Client
You can still resolve internal hosts by adding these domains in the dashboard. (Deployments > Configuration > Domain Management
- Navigate to Deployments > Configuration > Domain Management.
- Click the (Add) icon.
When a domain is added to this list, the Umbrella roaming client sends these domains to the internal DNS server set by DHCP. For more information on this, please see the following page on adding Internal Domains to the Roaming list.
A more detailed technical discussion of internal DNS allow listing can be found here: https://support.umbrella.com/hc/en-us/articles/230905228-Umbrella-Roaming-Client-Deployment-Guide-Internal-Domains