
Need a second set of eyes on a DNS drop rule

I think I have this configured correctly to drop any DNS query out to the open internet:

Last match wins, correct?

John



  • Not sure what you're trying to do, John, but first match wins - see #2 in Rulz.  The firewall will drop everything by default unless there's a rule allowing the traffic, so there's no point in creating a drop rule for this.  See DNS best practice to see how to configure the DNS Proxy to allow internal users to get DNS resolution.  If using Web Filtering, users must get DNS resolution in Transparent mode.  In Standard mode, the Web Proxy requests resolution.

    Cheers - Bob
    PS Moderators can see the IP from which someone posts here - we live in the same town.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
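
Added example, not part of the original thread and not Sophos UTM code: a simplified Python model of an ordered packet-filter table. It compares the first-match evaluation described in the reply above with the last-match reading from the question, and shows the default drop when no rule matches. The rule names, networks and sample query are constructed for illustration.

```python
# Simplified model of an ordered packet-filter rule table (illustrative only).
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("192.168.10.0/24")  # constructed sample LAN
ANY = ip_network("0.0.0.0/0")

# (name, source net, destination net, destination port or None for any, action)
RULES_DROP_LAST = [
    ("allow-lan-out", INTERNAL, ANY, None, "allow"),
    ("drop-dns-out", INTERNAL, ANY, 53, "drop"),
]
RULES_DROP_FIRST = list(reversed(RULES_DROP_LAST))
RULES_WEB_ONLY = [("allow-web", INTERNAL, ANY, 443, "allow")]

# Constructed outbound DNS query to a documentation-range address.
DNS_QUERY = ("192.168.10.25", "203.0.113.53", 53)


def matches(rule, src, dst, dport):
    """True when the packet falls inside the rule's source, destination and port."""
    _, src_net, dst_net, port, _ = rule
    return (ip_address(src) in src_net and ip_address(dst) in dst_net
            and port in (None, dport))


def first_match(rules, src, dst, dport):
    """Evaluate top-down, stop at the first matching rule, else default drop."""
    for rule in rules:
        if matches(rule, src, dst, dport):
            return rule[4], rule[0]
    return "drop", "default-drop"


def last_match(rules, src, dst, dport):
    """The semantics assumed in the question, kept only for comparison."""
    verdict = ("drop", "default-drop")
    for rule in rules:
        if matches(rule, src, dst, dport):
            verdict = (rule[4], rule[0])
    return verdict


if __name__ == "__main__":
    for label, rules in [("broad allow above DNS drop", RULES_DROP_LAST),
                         ("DNS drop above broad allow", RULES_DROP_FIRST),
                         ("no rule for DNS at all", RULES_WEB_ONLY)]:
        print(f"{label}: first-match={first_match(rules, *DNS_QUERY)} "
              f"last-match={last_match(rules, *DNS_QUERY)}")
```

With no rule permitting port 53, the query is dropped by the default policy without any explicit drop rule, and a drop rule placed below a broader allow is never reached under first-match evaluation.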