EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Tuesday 19 November 2024, 07:19:40 am
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
Visit the Official Endian Reference Manual
HERE
14258
Posts in
4377
Topics by
6515
Members
Latest Member:
hulteends
Search:
Advanced search
EFW Support
Support
EFW SMTP, HTTP, SIP, FTP Proxy Support
DNS requests blocked/redirected
0 Members and 1 Guest are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: DNS requests blocked/redirected (Read 14607 times)
ggillesp
Jr. Member
Offline
Posts: 2
DNS requests blocked/redirected
«
on:
Friday 22 February 2013, 06:39:51 am »
Hello all.
I am attempting to set up a virtual envionment using Endian 2.5.1. I have replaced several hardware firewalls with EFW. My problem is that DNS requests through the firewall (RED-->GREEN) seem to be redirected. THis all worked when the firewalls were hardware.
I have DNS client (SERVER1) on the RED segment (VMNet1) which is configured to use a DNS server (SERVER2) on the GREEN segment (VMNet2).
SERVER1 cannot get DNS responses from SERVER2.
DNS clients on the same network as the server get proper DNS resolution.
When I moved SERVER1 temporarily onto the GREEN segment, everything worked.
Using Wireshark, I can see that DNS requests from the RED network do not arrive at SERVER2.
The Endian Firewall ACL has a permit all IP statement for the traffic and logs show the DNS requests being permitted.
Using Wireshark I can see that DNS requests are sent from SERVER1 to SERVER2 via the firewall.
When I reconfigure SERVER1 to send DNS requests to a different box on the GREEN segment, Wireshark shows the requests arriving at that box (SERVER3)
I am assuming that there is some sort of proxy-redirect going on. Under the DNS Proxy settings the Transparent setting is disabled. I have also tried it enabled without success.
Oddly, when I capture DNS request traffic on SERVER1 I see some sort of DNS redirect. The first packet goes to SERVER2 via the firewall as expected - SERVER1_IP (MAC1) --> SERVER2_IP (FW MAC)
But then the firewall issues a of DNS request packets to SERVER2 on the RED segment. FIREWALL_IP (FW MA) --> SERVER2_IP (XX MAC)
The XX MAC address is actually the upstream gateway address.
So, some questions:
Why is the firewall redirecting the DNS packet upstream if DNS proxy is disabled?
Why is the firewall sending a packet to SERVER2_IP (GREEN) but sending it out on the wrong interface (RED)?
As a note, when I perform the same test to SERVER3, there is no redirect. The only difference that I can see being that SERVER2 is the primary DNS address configured in the firewall and SERVER3 is unknown to the firewall.
I appreciate any information that you can give me on the DNS proxy or whatever is going on here.
Logged
jeremycald
Full Member
Offline
Posts: 41
Re: DNS requests blocked/redirected
«
Reply #1 on:
Friday 22 February 2013, 02:22:13 pm »
There is a DNS proxy under the Proxy tab
Logged
ggillesp
Jr. Member
Offline
Posts: 2
Re: DNS requests blocked/redirected
«
Reply #2 on:
Tuesday 05 March 2013, 07:24:19 am »
Quote from: jeremycald on Friday 22 February 2013, 02:22:13 pm
There is a DNS proxy under the Proxy tab
As noted in the original post, "Under the DNS Proxy settings the Transparent setting is disabled. I have also tried it enabled without success".
Is there something else I should try with DNS proxy?
Logged
robert
Full Member
Offline
Posts: 23
Re: DNS requests blocked/redirected
«
Reply #3 on:
Tuesday 05 March 2013, 08:13:13 am »
Try this command and let me know if it fixes the problem, this is just a temporary fix to see if that is what is causing the problem.
ip rule del fwmark 0x8/0x7f8
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.063 seconds with 18 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com