Problem with DNS, it seems that FW is blocked from output by PDC

Hello, I have the following scenario: I replaced my firewall (pfSense) with a Sophos XG firewall, and I have the following problem in the DNS part.
I use Zentyal as PDC+BDC and Sophos XG as firewall and DHCP server. After the migration, my machines only browse if I leave one of the DNS entries set to a valid DNS from Google or another.
In the Sophos DHCP server, the machines only browse if I leave DNS1: 192.168.1.2 (PDC) and DNS2: 8.8.8.8 (or another valid one). If I leave only DNS1: 192.168.1.2 (PDC), the machines do not browse.
However, on my PDC 192.168.1.2 name resolution is OK, and ping and browsing are normal. I believe it is not a problem on my PDC, because before the migration it worked normally.
What is more, I lost the functionality of the BDC (192.168.1.11): if the PDC fails, the BDC does not take over, because for the secondary DNS in the Sophos DHCP I have to use Google to browse.
Does anyone have any hints as to what it could be? Thanks.


  • Not in either: neither the PDC nor the BDC forwards DNS requests to the firewall, neither in the configuration of the network card nor as forwarders. For the PDC and BDC, the firewall only receives requests as a gateway. The only firewall reference in them is as the gateway for the network itself. For Active Directory to function in Samba, the DNS has to be that of the PDC. And I think the firewall is blocking DNS requests that come from the PDC or BDC (internal network).