Hi All,
I'm having a strange issue with DNS on our domain controllers and can't for the life of me figure out what is going on.
Some background: this is a setup we inherited, and the VLAN which contained our domain controllers and other servers was controlled by another firewall until recently. To simplify the network we have migrated the VLAN to sit behind our Sophos SG125 UTM9. Since then the DNS issues started.
I have an allow firewall rule in place which is as follows:

DCs -> DNS -> Internet

and have OpenDNS configured as forwarders in the DNS server.
If I try to do an nslookup on the server I get a DNS timeout, but the log on the firewall does show that the requests are processed by the rule and allowed. To confirm this I added a test PC to the rule and tried nslookup from there, and it worked. The PC is on another VLAN, so at this point I'm thinking something in the firewall is intercepting the return packets from OpenDNS if the requesting device is on the server VLAN. Is there anywhere in the appliance I can see if it is receiving return traffic?
We have the network working in some fashion at the moment by setting the DNS server to use the firewall as a forwarder and adding the server VLAN to the "Allowed Networks" list under Network Services -> DNS. We would prefer not to continue with this setup and would rather get it working as it was before.
Any help or ideas would be appreciated.
Thanks,
Andrew
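The post describes the classic symptom of outbound DNS being permitted while the return path is broken: the firewall logs the query as allowed, but the client never sees an answer and nslookup times out. A quick way to localise that without relying on firewall logs is to send a single DNS query from the affected host to each hop (the upstream forwarder directly, then the local DNS server) with a short timeout and report which hop answers and which stays silent. The script below is an added example, not something from the original post or from Sophos; it builds and parses a minimal RFC 1035 A query itself so it works on any host with Python 3 and no extra packages. The OpenDNS address is a real public resolver; `LOCAL_DNS_SERVER` and the constructed `SAMPLE_RESPONSE` bytes are assumptions used for illustration and offline testing.

```python
import random
import socket
import struct

# Assumptions for this example (not from the post): the upstream OpenDNS
# resolver is real; the local DNS server address is a placeholder to edit.
OPENDNS_RESOLVER = "208.67.222.222"
LOCAL_DNS_SERVER = "192.0.2.10"   # placeholder: your DC / local resolver


def build_query(name, txid=None):
    """Build a minimal DNS A/IN query with recursion desired (RFC 1035)."""
    if txid is None:
        txid = random.randint(0, 0xFFFF)
    # ID, flags (RD=1), QDCOUNT=1, ANCOUNT/NSCOUNT/ARCOUNT=0
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    question = qname + struct.pack("!HH", 1, 1)   # QTYPE=A, QCLASS=IN
    return header + question


def _skip_name(data, off):
    """Advance past a (possibly compressed) domain name; return new offset."""
    while True:
        length = data[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:      # two-byte compression pointer
            return off + 2
        off += 1 + length


def parse_response(data):
    """Parse the header and any A records; enough to tell an answer from silence."""
    if len(data) < 12:
        raise ValueError("short DNS packet")
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    off = 12
    for _ in range(qd):                       # skip the echoed question
        off = _skip_name(data, off) + 4
    addrs = []
    for _ in range(an):
        off = _skip_name(data, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(data[off:off + 4]))
        off += rdlen
    return {"txid": txid, "is_response": bool(flags & 0x8000),
            "rcode": flags & 0x000F, "answers": addrs}


def probe(server, name, timeout=3.0):
    """Send one UDP query to `server` and classify the outcome."""
    query = build_query(name)
    txid = struct.unpack("!H", query[:2])[0]
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    try:
        sock.sendto(query, (server, 53))
        data, _peer = sock.recvfrom(512)
    except socket.timeout:
        # Query left the host but no reply arrived: suspect the return path.
        return {"server": server, "status": "timeout"}
    finally:
        sock.close()
    resp = parse_response(data)
    if resp["txid"] != txid or not resp["is_response"]:
        return {"server": server, "status": "bad-reply"}
    return {"server": server, "status": "answer",
            "rcode": resp["rcode"], "answers": resp["answers"]}


# Constructed sample reply (not captured traffic): txid 0x1234, flags 0x8180,
# question example.com A/IN, one A record via a compression pointer.
SAMPLE_RESPONSE = (
    b"\x12\x34\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00"
    b"\x07example\x03com\x00\x00\x01\x00\x01"
    b"\xc0\x0c\x00\x01\x00\x01\x00\x00\x00\x3c\x00\x04\x5d\xb8\xd8\x22"
)


if __name__ == "__main__":
    # Run from the affected DC: upstream direct, then the local forwarder.
    for server in (OPENDNS_RESOLVER, LOCAL_DNS_SERVER):
        print(probe(server, "example.com"))
```

Read the two results together: a timeout against the upstream resolver from the server VLAN while the same probe answers from another VLAN points at the return path (state table, NAT or routing for that VLAN) rather than at the DNS server configuration; an answer from the upstream but a timeout from the local server narrows it to the forwarder settings on the DC.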