ATP200 Open DNS resolver issues
Freshman Member
Hi,
I would like to know how it is possible that a default config from a ATP200, allows for OpenDNS resolving from the WAN. We received an message from the provider that the line will be blocked if we dont fix it. So we checked and find that this ATP200 is allowing for DNS lookups from the WAN. I manually added 2 policies that deny this and that is working. But we cannot find any rules that would allow this.
Any Ideas ? If needed i can send the config.
Kind Regards,
Michel
All Replies
-
Could you explain more for "We received an message from the provider that the line will be blocked if we dont fix it"? do you that the provider cannot find your device by device IP address?
And if you want use the OpenDNS IPv4 addresses 208.67.222.222 and 208.67.220.220 as DNS servers. Please go to Configuration > System > DNS, and add a domain zone forwarder.
0 -
@Zyxel_James
I think the problem is incoming DNS requests are being answered by ATP200 nothing to do with OpenDNS more the ATP200 is a open resolver.
Do you have any security service on firewall rules and from WAN to WAN?
You can disable/enable rules and test here to find the rule doing this
https://www.openresolver.com/
0
Zyxel Employee
Guru Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 146 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight
