EFW Support
Topic: DNS Forward blocked (Read 19908 times)
gavins38 (Full Member, Posts: 10) on Tuesday 02 February 2016, 01:42:20 am
While investigating a separate issue on our internet connection, I discovered that DNS Forward was not working on our DNS servers. It works perfectly fine if I set the servers up to bypass the firewall so I figured it must have been a configuration issue on the firewall. We're running Endian Community Firewall 3.0. I've tried adding in an 'incoming routed traffic' rule for port 53 but this doesn't seem to solve the problem. Does anyone know where I need to add in the port exception so that my local DNS servers can query the internet for external DNS?

Gabriel GHEORGHIU (Full Member, Posts: 57), Reply #1 on Tuesday 02 February 2016, 04:48:14 am
Have you a rule in "Outgoing traffic", like this: Source: GREEN (ORANGE, BLUE); Destination: RED; Service: DNS; Protocol: TCP+UDP; Port: 53; Policy: ALLOW with IPS?

gavins38 (Full Member, Posts: 10), Reply #2 on Wednesday 03 February 2016, 12:42:02 am
The outgoing firewall is currently not enabled. I assume this means that all traffic is allowed?
When I ran a traceroute on one of the IPs being used as a DNS forward, the ping reached the end server but did not make the return journey back to me. This is why I thought it was a firewall issue.

Gabriel GHEORGHIU (Full Member, Posts: 57), Reply #3 on Wednesday 03 February 2016, 03:30:00 am
Usually, all traffic (inbound and outbound) is blocked (disabled) by default.
You must enable "Outgoing traffic" to reach the internet. Then, you must define rules according to your needs.
There are some rules that are enabled by default by the system. One of these rules is from Firewall -> Outgoing traffic -> Show system rules: Allow Ping/Traceroute (ICMP/8, ICMP/30).

gavins38 (Full Member, Posts: 10), Reply #4 on Wednesday 03 February 2016, 09:04:46 pm
Thanks for your help. I enabled the outgoing firewall and my download speed was instantly reduced by 50%. I can't leave it like that without impacting the rest of the company so I've disabled it again. However my original problem now seems to have resolved itself so I'm wondering if BT's DNS servers weren't working yesterday when I checked. I'll keep an eye on it for now and investigate the outgoing firewall options again if the problem comes back.
Thanks again for your help!
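
Added example, not part of any post in this thread: a small probe that sends the same DNS query to a forwarder over both UDP and TCP port 53 (the two protocols named in Reply #1), so a silent drop on the path shows up as a timeout while a resolver-side fault shows up as a SERVFAIL or REFUSED reply. The script name, the fixed query ID and the default name `example.com` are assumptions; the forwarder address is supplied on the command line.

```python
import socket, struct, sys

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}
QID = 0x1234  # fixed query ID (assumption), fine for a one-off diagnostic

def build_query(name, qid=QID):
    """Encode a recursive (RD=1) A-record query for `name`."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def parse_header(msg, qid=QID):
    """Return (rcode, answer_count, truncated) from the 12-byte DNS header."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    rid, flags, _, answers, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if rid != qid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    return RCODES.get(flags & 0xF, str(flags & 0xF)), answers, bool(flags & 0x0200)

def probe(server, name, proto, timeout=3.0):
    """Send one query over 'udp' or 'tcp' port 53 and classify the outcome."""
    query = build_query(name)
    try:
        if proto == "udp":
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(query, (server, 53))
                data = s.recv(4096)
        else:
            with socket.create_connection((server, 53), timeout=timeout) as s:
                s.sendall(struct.pack("!H", len(query)) + query)  # TCP length prefix
                data = s.makefile("rb").read(14)[2:]  # skip prefix, keep header
        rcode, answers, tc = parse_header(data)
        return f"{proto}: reply {rcode}, {answers} answer(s){', truncated' if tc else ''}"
    except socket.timeout:
        return f"{proto}: timeout (query or reply dropped on the path, or server down)"
    except (OSError, ValueError) as exc:
        return f"{proto}: {exc}"

if __name__ == "__main__":
    # Usage: python dnsprobe.py <forwarder-ip> [name]; both values are yours to supply.
    server = sys.argv[1]
    name = sys.argv[2] if len(sys.argv) > 2 else "example.com"
    for proto in ("udp", "tcp"):
        print(server, probe(server, name, proto))
```

Run it from the internal DNS server once through the firewall and once on the bypass path; a result that differs between the two paths points at the firewall, while an identical failure on both points at the upstream forwarder.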