Connectivity Check on interface with domains
Guru Member
VPN 300 V5.36(ABFC.2)
Using ge3 VLAN443 external
I get this every now and then about every 30 mins I have checked my DNS by Wireshark and can see the DNS answers being sent to the VPN300 on VLAN53 (DNS to my BIND has its own VLAN)
DNS forwarder
192.168.53.12 to BIND and 192.168.53.4 USG60
set with bounceme.net and no-ip.org with when probe succeeds when any one
here is another example
All Replies
-
Dear @PeterUK
Could you share your topology with us? It's convenient for us to understand your finding. Thanks.
Don't miss this great chance to upgrade your Nebula org. for free! https://bit.ly/4g2pS9L
0 -
It works for like 30 mins then does a DNS lookup and gets answer from BIND but the VPN300 choose not to accept the answer at times
Here you go
1 -
I'm not 100% sure I found the reason but I tried on FLEX200 and was not seeing a problem. I then added some WILDCARD FQDN in a group:
*googlevideo.com
*steamcontent.com
*yahoo.com
*youtube.com
enabled BWM with a rule with that group then started seeing a problem.
So a bug for DNS when the USG snoops DNS answers for WILDCARD FQDN?
0
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
