Strange DNS issue for users

Reply
Highlighted
L2 Linker

Strange DNS issue for users

Hi All,

 

Any idea on this one?

 

I have some wireless testing underway which seemed to be going without issue. All of a sudden, any browsing to .co.uk domains stopped working, followed by .com domains failing as well. A short while ago, .co.uk domains started working again but sporadically. If I change the rule permitting the dns traffic from either application dns or service udp 53 to anything for application default the issue resolves itself. Logs show the dns requests passing through the firewall without issue.

 

Has anyone seen this before?

 

Regards

 

Adrian

Tags (1)
L7 Applicator

Re: Strange DNS issue for users

@a.jones,

Insure that you have logging enabled on the interzone-default policy so that you are getting the denied traffic. The way you describe the issue something is getting dropped and the likely cause of that is the security rulebase itself. You might also want to look at your threat logs to ensure the DNS requests aren't being dropped due to a threat identification. 

L4 Transporter

Re: Strange DNS issue for users

I agree with BPry please check the threat logs you will find the answer there.

L4 Transporter

Re: Strange DNS issue for users

Also check the traffic logs there might be some traffic blocked when you use the application default

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!