Bridge DNS forwarding problem

Options
PeterUK
PeterUK Posts: 4,227 image  Guru Member
250 Answers 2500 Comments Friend Collector Eighth Anniversary
edited November 19 in Security

VPN300 V5.37(ABFC.2)
USG FLEX 200 V5.41(ABUI.0)

So I think sadly nothing can be likely done for the VPN300 thats EOL but I might be able to workaround that but the problem happens on FLEX 200 so I be thankful if this could be fixed.

The issue I'm seeing is I have a bind server with WAN IP does lookup from root servers you can see here the from DNS server a DNS query is sent in this case sig.cloud.zyxel.com with transaction ID 0x8082 no reply

DNS server.png

Then a view from DMZ side of the Bridge

USGDMZ.png

Then a view from WAN side of the Bridge which you can see a reply but FLEX200 didn't pass it on over the DMZ

USGWAN.png

All Replies

  • Zyxel_Melen
    Zyxel_Melen Posts: 4,129 image  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Hi @PeterUK

    Could you share the topology and packet flow of this scenario? And we also need the remote access to VPN300 and FLEX200 to check this issue.

    Zyxel Melen


  • PeterUK
    PeterUK Posts: 4,227 image  Guru Member
    250 Answers 2500 Comments Friend Collector Eighth Anniversary

    Ok Melen you can have remote access to VPN300 and FLEX200 to check this issue I was hoping you could of done internal testing given its DNS and how important it is. My guess is the FQDN system might be causing this problem?

    simple topology

    internet > VPN300 > FLEX200 > DNS server 

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)