This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

some DNS names were blocked

Hi,

I am using a sophos sg115 with home license (firmware version: 9.709-3).

My problem is that I can't connect to some url's (e.g. subdomain.atlassian.net). If I use the direct connection of my Deutsche Glasfaser account on modem, it works. Also if I use my mobile LTE connection as hotspot. I can't find the issue on the utm but this is the only firewall component between my PC and DG router/modem.

Any ideas?

Webfiltering is disabled.

Country blocking is disabled.

.

Thanks in advance.

Regards,

Duff11



This thread was automatically locked due to age.
  • Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • Thanks, I tried it without to configure the two sections request routing and reverse dns.

    I am able to resolve the requested DNS via nslookup. If I try to reach it in a browser, I still get a timeout. :(

  • Do you use Webfilter (Proxy)? Ah, I see you already wrote this is disabled.

    Are you sure  that your "modem" is a modem and not a router?

    How does it know about the network behind your firewall?

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • After making any DNS changes I would do two things:

    On the client, open a command prompt window and flushDNS at the prompt: ipconfig /flushdns

    On UTM, flush your cache: Network Services > DNS > button at the bottom to flush cache.

    Then try to go to your site after doing those two things.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • I tried the two dns flush settings (also reboot) but without luck :( I have a so called dual ipv4/ipv6 internet access of Deutsche Glasfaser.

    WAN
    WAN Status	Up,1000Mbps full duplex
    MAC Address	00:0F:94:24:DE:20
    IP Address	100.69.76.177
    Netmask	255.255.192.0
    Gateway	100.69.64.1
    DNS Server 1	127.0.0.1
    DNS Server 2	185.22.44.50
    DNS Server 3	185.22.45.50
    DNS Server 4	2a00:6020:100::1
    DNS Server 5	2a00:6020:200::1
    IPv6 Address	fe80::20f:94ff:fe24:de20/64
    IPv6 Address	2a00:XXXX:XXXX:a35:b044:a6e2:5004:59c/128
    Recursive DNS Server	2a00:6020:100::1
    Recursive DNS Server	2a00:6020:200::1
    Received	4.0k Packets  (824.1 KiB)
    Transmitted	6.1k Packets  (1.3 MiB) 

    I can't understand this behaviour. Also some domains which where accessiable for some weeks are not reachable over my sophos and DG internet access. Only via LTE hotspot of my mobile. This is very strange and stupid.

  • If you are actually using it, try disabling IPv6 and use IPv4.  Sucks, but I've seen at least two or three issues recently posted here which IPv6 was the issue. Wouldn't hurt to rule that out. 

    I'm assuming this is a snippet from your UTM?  I ask because of your DNS server being a local host, and not a DNS server (127.0.0.1). I'd also try removing that if IPv6 isn't the issue and use either Google DNS (8.8.8.8) or Cloudflare DNS (secure DNS) - (1.1.1.1).

    *The URLs that you can't reach by their DNS name - can you reach them by their IP addresses?

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Hallo,

    What do you learn by doing #1 in Rulz (last updated 2021-02-16)?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thanks for the hint, BAlfson.

    I re-enabled the Webfiltering and deactivated the checkbox Do not proxy HTTPS traffic in transparent mode. Select web filtering only and it works.

    I am confused...