This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ATP notification on DC/DNS server

Hey guys,

I already stated this question in the german forum, but no answer yet...

My ATP notified me yesterday in the morning with following message:

2015:05:19-07:57:04 UTM named[4492]: rpz: client 1**.1**.1.**#59998 (motiware.com): view default: rpz IP NXDOMAIN rewrite motiware.com via 32.37.26.70.109.rpz-ip.rpz

I'm not quite sure where this error came from... The "client" is our 2nd DC and DNS server!

I couldn't find the IP 109.70.26.37 in the WebFiltering log...

Can anybody tell me what exactly could have happened here?

thanks a lot!

Max

This thread was automatically locked due to age.

Parents

0 BAlfson over 10 years ago

Hey Max,

What does the line on the 'Advanced Threat Protection' tab of 'Logging & Reporting >> Network Protection' say? How is your DNS configured compared to DNS Best Practice?

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 10 years ago

Hey Max,

What does the line on the 'Advanced Threat Protection' tab of 'Logging & Reporting >> Network Protection' say? How is your DNS configured compared to DNS Best Practice?

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data