i have a problem with asg7.104 and ssl1.3:
- the client connects and gets the correct information by dhcp, such as routing, dns and domain-suffix.
- sporadically outlook and smb-shares stop working.
- pinging the hostname doesn't get an answer. a tcpdump on tun0 doesn't show any dns requests.
- nslookup resolves the hostname. the request is visible on tun0
- net stop/start dnscache or just waiting for some minutes solves the problem
the ruleset of the ssl-network is configured automatically for two private networks. the dns is ad-integrated. a reversezone for the ssl-network is also configured. there is no wins configured.
i checked the ruleset for the ssl-network by ssh. the packetfilter only shows some dropped dns-multicast packets. there are some rules, which obviously were not configured by gui.
asg:/root # iptables -vxnL | grep 10.242.2.0
0 0 CONFIRMED tcp -- * * 10.242.2.0/24 0.0.0.0/0 tcp spts:53:65535 dpt:53 CONFIRMED
0 0 CONFIRMED udp -- * * 10.242.2.0/24 0.0.0.0/0 udp spts:53:65535 dpt:53 CONFIRMED
i also checked routing and dns configuration when the error appears. everything seems ok. even a dump with wireshark on all interfaces of the ssl-client doesn't show any dns lookups. it seems like it gave up resolving.
has anyone had similar experiences?
rgds