Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 3 subscribers
  • Views 6487 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Browsing to: https://myutm.sophos.com or https://ebay.com

MichaelZ1

Hi there,


First time poster. Recently I have implemented a Sophos UTM VA on Hyper-V 2012 R2 in a lab.. Recently I have started noticing that certain sites (ebay.com.au) are not currently loading within the browser. Would return a sophos website timeout error. In an effort to troubleshoot the problem, I have:

- Re-installed the UTM OS - Version: 9.403-4

- Put a bare bone firewall rules (Any Host - Any Service- Any Dest)

- NATted it.

- DNS Forwarder

- DynDNS Setup.

- Enabled IPS. (All Features)

- (To Test the ISP) Plugged a laptop directly into the NTD (AUS NBN) - No Problems.

- NOTE: Web Filtering is Disabled.

I can browse all other sites, and I can nslookup these hosts. I have checked the Firewall Log, which is showing nothing. The IPS log shows nothing. I performed a tcpdump on the interface and i can see the DNS traffic.

Out of idea's and Stumped.

Michael.



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to sachingurung

    Hi sachingurung,

    Thank you for your prompt response. My DNS configuration at the moment is:


    Client:

       Primary DNS: 8.8.8.8 (Bypassing the UTM)

       Secondary DNS: 8.8.4.4 (Bypassing the UTM)

    UTM:

      Allowed Networks for UTM DNS Resolver: (None)

      Forwarders: Google DNS (Group)

               8.8.8.8 and 8.8.4.4

    No Request Routing

    DyDNS is Configured.

    Bypassing the UTM ebay and myutm works fine.

    Kind Regards,

    Michael.

  • 0 in reply to MichaelZ1

    Hi Michael,

    Select "Allowe Networks for UTM DNS Resolver" = Internal (Network)-LAN. That should allow the network to resolve websites.

    Also refer the DNS best practice document here.

    Thanks

  • 0 in reply to sachingurung

    Hi, Michael, and welcome to the UTM Community!

    Sachin, that document was plagiarized from my post DNS best practice that I continue to maintain.  I don't know how well maintained the KnowledgeBase article is.

    Cheers - Bob

  • 0 in reply to sachingurung

    Hi,


    This has resolved the problem.


    I am still stumped. Upon reading this document ion over and over, I initially had the UTM configured as a DNS Server and setup to bypass it. Either way it didn't work, countless flushes, nslookups (which resolved) but no log traffic. Is there some other log I could check in the future to try and identify what is happening?

    Thanks,

    Michael.