We've activated DNS Protection yesterday eventing on our firewall and got totally wrong resolved IP-adresses.
After reverting it back to Google, the rights ones were resolved.
How should we proceed with that ?
I can provide 2 examples
We've activated DNS Protection yesterday eventing on our firewall and got totally wrong resolved IP-adresses.
After reverting it back to Google, the rights ones were resolved.
How should we proceed with that ?
I can provide 2 examples
What are the wrong IPs?
__________________________________________________________________________________________________________________
The incorrectly returned IPs are:
3.70.44.70
52.28.207.170
Grüße
Olaf Pelzer
Those are the DNS block page redirect IPs.
So to speak: The FQDN you try to reach is blocked, therefore we offer this IP to block it.
This is a record, blocked by DNS due the category:
Going to this IP: try http:// 52.28.207.170/
__________________________________________________________________________________________________________________
Thx Luca!
Interesting that even a ping to the external fqdns give's back these IPs.
And the questions is why these IP adresses (our own domain with a-records for customer firewalls) are categorized as "don't go to there".
I would like to see these things in the logs which should be available soon - I hope.
Grüße
Olaf Pelzer
What policy did you use?
__________________________________________________________________________________________________________________
What policy did you use?
__________________________________________________________________________________________________________________
Parked Domains are blocked in the default.
__________________________________________________________________________________________________________________
Hi OlafPelzer
Thanks for your email. We shall check why the feedback is not working.
We analysed the issue reported and analysis as below:
Sophos4u.de is categorised as Parked domain. As per the policy configured (Keep it clean rule), Parked domains are blocked and hence, a different IP (which redirects to block page) is observed.
There are two ways you can allow this domain:
Option 1:
Option 2:
Please let us know if you need any further help. Thanks again for enrolling and trying out DNS Protection EAP.