Firewall Rule with FQDN

I'm trying to build a business rule for incoming traffic from an fqdn resolved host. As you can see in the image, I have a rule that allows network traffic from two objects. One is an IP address object and the other is an FQDN host that resolves to the exact same IP when I hover over it or issue a DHCP lookup. However, if I set this rule with only the FQDN object in place on the Allowed Client Networks section, traffic is blocked from the host. If I make the rule to include the IP address object in the Allowed Client Network section, it works perfectly (obviously I can leave the FQDN object off completely in this case and it still works).


Is there something I'm missing? This type of rule worked perfectly under my UTM 9 setup using an FQDN.



  • Ok, I've figured out a way to make FQDN work from a troubleshooting standpoint, but it isn't usable for my production need or the way the UTM 9 handled it. If I add a static DNS entry AND set the include "Reverse DNS Lookup", the firewall rule works.


    I am not sure why reverse DNS is absolutely necessary though. It makes using a dynamic dns address in an FQDN firewall rule unusable.

  • Brian,

    As Sachin wrote, both entries are needed.

    If you do not set the reverse DNS lookup, XG uses only IP addresses. You are correct, UTM 9 is able to handle this type of query using only forward lookup queries.

    Hope they will change this behaviour!

    [:(]
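A small checker, added here as an example and not code from the thread or from Sophos, that models the matching behaviour described above: the FQDN object only matches a source when the name resolves to the source IP and the source IP's PTR record resolves back to the same name. The host names, addresses and records are constructed, and the live_forward/live_reverse helpers just use the system resolver.

```python
import socket
from typing import Callable, Dict, List

# Constructed sample records (not real DNS data) for the two cases in the thread:
# a host whose PTR record points back at its name, and a dynamic-DNS host whose
# address reverse-resolves to the ISP's generic PTR name instead.
SAMPLE_FORWARD: Dict[str, List[str]] = {
    "office.example.com": ["203.0.113.10"],
    "home.dyndns.example": ["198.51.100.7"],
}
SAMPLE_REVERSE: Dict[str, str] = {
    "203.0.113.10": "office.example.com",
    "198.51.100.7": "cpe-198-51-100-7.isp.example",
}


def live_forward(fqdn: str) -> List[str]:
    """A/AAAA lookup through the system resolver."""
    return sorted({info[4][0] for info in socket.getaddrinfo(fqdn, None)})


def live_reverse(ip: str) -> str:
    """PTR lookup through the system resolver; empty string if there is no PTR."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return ""


def check_fqdn_rule(fqdn: str, src_ip: str,
                    forward: Callable[[str], List[str]] = live_forward,
                    reverse: Callable[[str], str] = live_reverse) -> Dict[str, object]:
    """Model of the behaviour reported in the thread (an assumption, not Sophos code):
    the FQDN object matches only if the name resolves to src_ip AND the PTR record
    of src_ip resolves back to that same name."""
    forward_ok = src_ip in forward(fqdn)
    ptr = reverse(src_ip).rstrip(".").lower()
    reverse_ok = ptr == fqdn.rstrip(".").lower()
    return {"forward_ok": forward_ok, "reverse_ok": reverse_ok, "ptr": ptr,
            "allowed": forward_ok and reverse_ok}


def check_with_samples(fqdn: str, src_ip: str) -> Dict[str, object]:
    """Same check run against the constructed tables, so it works offline."""
    return check_fqdn_rule(fqdn, src_ip,
                           forward=lambda n: SAMPLE_FORWARD.get(n.rstrip(".").lower(), []),
                           reverse=lambda a: SAMPLE_REVERSE.get(a, ""))


if __name__ == "__main__":
    for name, ip in [("office.example.com", "203.0.113.10"),
                     ("home.dyndns.example", "198.51.100.7")]:
        print(name, ip, check_with_samples(name, ip))
```

Running the dynamic-DNS case shows forward_ok true but reverse_ok false, which is the mismatch that makes the rule silently drop traffic.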
