Skip to main content

Looking for any information about how to best configure steering for private app access when DNSSEC is enabled on the on prem DNS servers, or if this is even possible. 

 

I have verified my NPA publisher is able to query DNS and get proper RSIG response. However remote clients do not get a valid response from the domain even with the Netskope suggested Active Directory configuration from: Netskope Private Access for Microsoft Active Directory Domain Services - Netskope Knowledge Portal

All nslookups come back as unsecured and Non-authoritative

I am seeing the following error when running nltest /dsgetdc:<mydomain>

Getting DC name failed: Status = 9505 0x2521 DNS_ERROR_UNSECURE_PACKET

The Active directory and DNS are setup according to netskope docs 


Reply