Hoping someone could possibly shed some light on what I may be missing in the configuration... I'm going out of my mind looking at this as I just can't see it. I'll try to keep it short...
I recently replaced our offsite meeting room location Juniper SRX with a PA-220:
The above setup worked without issues on the SRX - since moving across to the PA-220 I am having issues with DNS resolution:
I am aware that a whole number of things could cause these issues, so I'll list what we have done/tested/set up.
The more I look at it, the more I know I've probably missed something but can't put my finger on what...
Anyone have any ideas?
Many thanks :)
Do you have logging enabled on the default policies, Inter/Intra zone? If not, enable them and check the logs for DNS traffic. If your WiFi is in a different zone than your VPN tunnel (it should be), check the logs to see if it's getting blocked somewhere.
Run Wireshark on the PC and check for DNS packets.
Enable packet capture on the firewall to check DNS traffic.
As mentioned, check the security policy between different zones.