Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 27 subscribers
  • Views 3878 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I need someone to explain this for me?

rfcat_vk

Hi folks,

I am a little puzzled by a report in there XG GUI and more details in the report section. The issue is my wife MBP is shown as having been attacked by a control "nasty" using the DNS.

On my XG there are two firewall rules allowing users to access DNS, 1 in IP4 and the other in IPV6. The IP4 rule does not show any traffic. Does this mean the XG DNS proxy is not really a proxy?

Please see a report extract below.

Thank you

Ian



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to rfcat_vk

    Hi MBP,

    update.

    I have deleted those DNS rules. I have not been able to locate any record for the reported device as actually performing a DNS lookup and hitting a firewall rule eg no DNS entries in log viewer which means all DNS look ups are with the LAN as managed by the XG.

     

    Ian 

Children
  • 0 in reply to rfcat_vk

    Hi Ian,

     

    i am not able to follow you. 

    Your Clients are using the XG LAN interface as a DNS Server, right? 

    So if you disable the LAN to WAN Rule for DNS, it should still work, if you have tick the DNS service under device access? 

  • 0 in reply to LuCar Toni

    Hi MBP,

    Sometime back I was having issues with setting up the XG DNS, so I added firewall rules (IP4 and IPv6) with only DNS access allowed. I have resolved the issues and now all devices use the XG as their DNS. The issue I raised above is where one device that uses the XG only.

    I hope that clarifies the issue?

    Ian