After a dedicated gateway is configured, it may be used to reach one or more internal/private DNS name servers to resolve hostnames. This is very common for organizations that only provide hostname lookups for internal devices that are "on network", and not to anyone on the open internet.
The integration uses your dedicated gateways to ensure that no additional software, agents, nor appliances are required to support any number of private DNS zones in your environment.
If you have one or more private DNS domains or zones that can only be looked up "inside" your network, you must configure custom DNS zones to ensure your end users can reach private resources from their Zero Trust Network Access-enabled device. For more information, see DNS Zones.