This discussion has been locked.

Is Sophos UTM 9 Firewall or IDS blocking EDNS0 queries (UDP packets that are larger than 512 bytes)?

Hello,

Our clients are using the integrated DNS server from Windows Server 2012.
Both the clients and the Windows servers are behind the Sophos UTM 9 firewall.

A few days ago we enabled DNSSEC validation for remote queries on the Windows servers. Since then some websites (like gmx.net, web.de) stopped working because of failed DNS resolution. It is toggling between working and not working.

I've found the following support article from Microsoft:
https://support.microsoft.com/en-us/help/832223/some-dns-name-queries-are-unsuccessful-after-you-deploy-a-windows-base

Would it be possible that Sophos UTM firewall or IDS is blocking EDNS0 queries somehow?

Thank you,
Christoph



This thread was automatically locked due to age.
  • Hi,

    I don't know of such behaviour.
    But first I would check the IPS and DNS log files. Blockings should be reported there.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • Hello Dirk,

    Thanks for your reply. I've checked the IPS and "DNS Proxy" log, but nothing suspicious there.
    Since we are using the Windows servers for DNS resolution, the DNS Log should not be relevant I guess?

    Thanks,
    Christoph
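
Added example, not part of the thread: a small Python probe that sends one EDNS0 query with the DNSSEC OK bit over UDP and reports whether a large answer arrives, arrives truncated, or never arrives. The server address and zone name passed to `probe()` are supplied by the reader; query type 48 (DNSKEY) is an assumption chosen because signed answers usually exceed 512 bytes.

```python
import socket
import struct

def build_query(name, qtype=48, bufsize=4096, dnssec_ok=True, txid=0x1234):
    """DNS query carrying an EDNS0 OPT record (RFC 6891) in the additional section."""
    # Flags 0x0100 = recursion desired; 1 question, 1 additional record (the OPT RR).
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1)
    labels = [l for l in name.split(".") if l]
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    question = qname + struct.pack("!HH", qtype, 1)  # class IN
    # OPT RR: root name, TYPE 41, CLASS = advertised UDP payload size,
    # TTL = ext-rcode | version | flags (DO bit = 0x8000), RDLENGTH 0.
    ttl = 0x8000 if dnssec_ok else 0
    opt = b"\x00" + struct.pack("!HHIH", 41, bufsize, ttl, 0)
    return header + question + opt

def summarize(reply):
    """Return (size, truncated, rcode) taken from a raw DNS reply header."""
    if len(reply) < 12:
        raise ValueError("short DNS message")
    flags = struct.unpack("!H", reply[2:4])[0]
    return len(reply), bool(flags & 0x0200), flags & 0x000F

def probe(server, name, qtype=48, timeout=3.0):
    """Send one EDNS0 query over UDP and describe what came back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qtype), (server, 53))
        try:
            reply, _ = s.recvfrom(65535)
        except socket.timeout:
            return "no reply: the large UDP answer or its fragments may be dropped in the path"
    size, truncated, rcode = summarize(reply)
    if truncated:
        return f"truncated at {size} bytes: resolver has to retry over TCP/53"
    return f"{size}-byte UDP reply received, rcode={rcode}"
```

Running `probe()` from the DNS server behind the firewall and again from a host outside it, with the same upstream resolver and name, shows whether the path through the firewall is what changes the result.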
