We have several UTM 9 firewalls in our AWS environment, all of which are in the same region (US East Virginia).
All of them have a handful of the same firewalls rules, allowing outbound access to various URLs that are defined as DNS Groups.
The problem is that on some firewalls, the DNS Group will resolve to numerous IP (as they properly should), but on other firewalls, the DNS Group will only resolve to 2 or 3 IPs.
When working properly, some of these URLs should resolve to dozens or even hundreds of different IPs.
Under Network Services - DNS, I have the same basic setup on all firewalls, allowing the internal network. So there is nothing different about the network setup between the multiple firewalls we have.
The issue appears to be totally random in regards to which firewalls will resolve all the possible IPs for a given DNS Group, versus which firewalls will only resolve a small percentage of possible IPs.
Anybody have any idea what the problem may be, or how I can get around this? Is there a way to force the firewall to rebuild its cache of IPs (other than rebooting the firewall)?
Thanks!
This thread was automatically locked due to age.
