The purpose of Virtual Appliances is to map internal source IP addresses to Active Directory (AD) users and computers then forward external DNS queries from your network to the Umbrella global network.
Create the Virtual Appliance
In order to create a Virtual Appliance in either VMWare ESX or Microsoft Hyper-V, please follow our guide here which leads through the process of setting up the initial virtual appliance.
Click here to access our Virtual Appliance (VA) deployment guide. The following is a brief summary of the complete guide.
Configure the Virtual Appliance
From the VMware or Hyper-V console after a brief boot up process, you are prompted to configure the DNS forwarder by tabbing between fields.
Tab to Save and press Return.
Verify the Virtual Appliance Syncs with the Dashboard
When you return to the Umbrella dashboard, you will see the VA you just created in the Inactive state on the Active Directory Configuration page.
Create the Redundant Virtual Appliance
Repeat the above steps to create a secondary Virtual Appliance, which is required for continuous operation and in order to upgrade the VA software.
Route Local DNS Queries
To ensure correct DNS responses to local hosts inside your internal network, you will want to configure your VAs to route queries to your existing DNS servers. This is done from the dashboard's Internal Domains list (navigate to Settings > Internal Domains). Please refer to the guide linked here for Internal Domains configuration instructions. Internal DNS zones (i.e. 168.192.in-addr.arpa) are included by default as well as .local.
To add A & PTR records for your VAs
- On your local DNS server, click Start, Run and type dnsmgmt.msc
- Navigate to your forward lookup zones for your local domain (e.g. corp.domain.com).
- Select the local zone (e.g. corp.domain.com).
- On the right-hand side right-click, select New Host.
- Enter a hostname for the VA, an IP and make sure the box ‘Create associated pointer (PTR) record’ is checked.
- Click Add Host.
To verify if the records were created correctly, you can test with nslookup:
- Enter: nslookup (IP ADDRESS of the VA). For example:
- nslookup 192.168.1.2
1.168.192.in-addr.arpaname = va01.corp.domain.com.
- nslookup 192.168.1.2
- Enter: nslookup (HOSTNAME of the VA). For example: