Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 10 replies
  • Subscribers 4 subscribers
  • Views 17286 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM add DNS key every day

AlessandroBlasi

Hello Everybody,

 

from 3 days we have some trouble with our UTM9 + SG330. Every morning four keys are added to ours DNSs so a big numbers of users can't go to internet.

I resolved deleting keys from DNS and flushing DNS cache on users PC. 

Why these keys are added? How can I prevent that?

 

Thanks for helping me.

 

Alessandro.



This thread was automatically locked due to age.
Parents
  • 0

    Hi Alessandro,

    Could you tell us more about what keys are added and show us a picture of this example?

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    Hello sachingurung,

     

    Until few days ago I have only one row in my DNSes from the time of first setup (about a year ago)

    Something like that:

    SERVERUTM         172.16.0.1            Static

    Now every morning I see this in DNS Servers:

    SERVERUTM         172.16.0.1            Static

    SERVERUTM          89.97.XX.XX          Today Date.     (EXTERNAL IP)

    SERVERUTM         192.168.25.1         Today Date.     

    SERVERUTM         192.168.1.1          Today Date

    SERVERUTM         192.168.7.1         Today Date


    So when my computers (about 200) asks for name resolution they peek one of these records and navigation to internet works only if they pick the first in that list.
    For now I resolved deleting manually new record from all DNS e flushing cache on the clients but I'd like to understand why I have this records.

    I can't attach a picture because this morning I've already deleted the extra key. Tomorrow morning I'll check again .

    Thanks for helping me.

     

    Alessandro.

  • 0 in reply to AlessandroBlasi

    Hi Sachin,

     

    I see that the IP added in DNS servers are the IPs of UTM interfaces.  Why this happens?

     

    Thanks!

  • 0 in reply to AlessandroBlasi

    Does it occur after a firmware upgrade? You might also want to compare your DNS configuration with DNS best practice by Bob.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • +1 in reply to AlessandroBlasi

    Hi Alessandro

    Are you running version 9.502 of the UTM?

    If so, the symptoms sound like those documented in https://community.sophos.com/kb/en-us/127220

    This behaviour will be changed in an upcoming version but if you contact Sophos Support quoting the above article there is a patch that should resolve the symptoms.

    Greg

  • 0 in reply to GregH

    Hi Greg,

     

    you're right. Thanks.

    I'm very unhappy about that. I applied 9502 for solving problems with the previous version and I have another trouble... :-(

    By the way, thanks again,

     

    Alessandro. 

  • +1 in reply to GregH

    Hello All,

    the problem can be resolved deleting from crontab the string for joining to Windows Domain applied for the bug of the previous firmware.

     

    * 12 * * *  /usr/local/bin/confd-client.plx ad_join_domain mydomain USER PASS DC-IP

     

    Hope this help,

    Have a nice day!

    Alessandro.

     

     

     

     
     
     
Reply
  • +1 in reply to GregH

    Hello All,

    the problem can be resolved deleting from crontab the string for joining to Windows Domain applied for the bug of the previous firmware.

     

    * 12 * * *  /usr/local/bin/confd-client.plx ad_join_domain mydomain USER PASS DC-IP

     

    Hope this help,

    Have a nice day!

    Alessandro.

     

     

     

     
     
     
Children
Cookie Information Banner