This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM Firewall... oddity detected in firewall. Help...

UTM Firewall... oddity detected in firewall. Help...
Here is the two lines I'm referring too:

23:00:08 DNS request UDP 192.168.x.66 : 51805 202.112.0.44 : 53 len=70 ttl=128 tos=0x00 srcmac=94:de:80:27:4e:2f dstmac=00:25:90:f2:cb:67

23:00:08 Country blocked UDP
192.168.x.66 : 51805 202.112.0.44 : 53 len=70 ttl=127 tos=0x00 srcmac=94:de:80:27:4e:2f dstmac=00:25:90:f2:cb:67

As you can see, first row, my Internal DNS server (x.66) accepts and forwards a DNS request to the 202.112.0.44 address and the firewall allows it. Then immediately afterwards, it tries again, however this time it gets blocked.

I am unable to figure out why this is happening, and what is causing it.

I have endpoint protection enabled on the DNS server, and no errors/warnings have been trapped. I've looked at my DNS logs on the DNS server, and I do not detect anything odd as well.

Any suggestions?

This thread was automatically locked due to age.

Parents

0 vilic over 9 years ago

Your UTM is probably configured for China country blocking, check in Network Protection -> Firewall -> Country Blocking.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 vilic over 9 years ago

Your UTM is probably configured for China country blocking, check in Network Protection -> Firewall -> Country Blocking.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data