UTM add DNS key every day

Hi Alessandro,

Could you tell us more about what keys are added and show us a picture of this example?

Thanks

Hello sachingurung,

Until few days ago I have only one row in my DNSes from the time of first setup (about a year ago)

Something like that:

SERVERUTM         172.16.0.1            Static

Now every morning I see this in DNS Servers:

SERVERUTM         172.16.0.1            Static

SERVERUTM          89.97.XX.XX          Today Date.     (EXTERNAL IP)

SERVERUTM         192.168.25.1         Today Date.     

SERVERUTM         192.168.1.1          Today Date

SERVERUTM         192.168.7.1         Today Date

So when my computers (about 200) asks for name resolution they peek one of these records and navigation to internet works only if they pick the first in that list.
For now I resolved deleting manually new record from all DNS e flushing cache on the clients but I'd like to understand why I have this records.

I can't attach a picture because this morning I've already deleted the extra key. Tomorrow morning I'll check again .

Thanks for helping me.

Alessandro.

Hi Sachin,

I see that the IP added in DNS servers are the IPs of UTM interfaces.  Why this happens?

Thanks!

Does it occur after a firmware upgrade? You might also want to compare your DNS configuration with DNS best practice by Bob.

Thanks

Hi Alessandro

Are you running version 9.502 of the UTM?

If so, the symptoms sound like those documented in https://community.sophos.com/kb/en-us/127220

This behaviour will be changed in an upcoming version but if you contact Sophos Support quoting the above article there is a patch that should resolve the symptoms.

Greg

Hi Greg,

you're right. Thanks.

I'm very unhappy about that. I applied 9502 for solving problems with the previous version and I have another trouble... :-(

By the way, thanks again,

Alessandro. 

Hello All,

the problem can be resolved deleting from crontab the string for joining to Windows Domain applied for the bug of the previous firmware.

* 12 * * *  /usr/local/bin/confd-client.plx ad_join_domain mydomain USER PASS DC-IP

Hope this help,

Have a nice day!

Alessandro.

Hello All,

the problem can be resolved deleting from crontab the string for joining to Windows Domain applied for the bug of the previous firmware.

* 12 * * *  /usr/local/bin/confd-client.plx ad_join_domain mydomain USER PASS DC-IP

Hope this help,

Have a nice day!

Alessandro.

Thanks Alessandro

I've added a note to remove any manually created crontab entries to the article

You're Welcome Greg! 

Do I not deserve a great "Sophos Helper" T-shirt? :-)

Have a good day
Alessandro

You will be interested to look at Leaderboard Rewards. :)