topic R82 http proxy and dns proxy forwarding domains not working in General Topics

R82 http proxy and dns proxy forwarding domains not working

Michael134890 — Thu, 25 Sep 2025 08:10:06 GMT

Hello,

on our Gateway Cluster (Elastic XL) we have the http Proxy (Non transparent) enabled.

Without configured DNS proxy Forwarding Domains this works.

After configured DNS Proxy Forwarding and restart the WSDNSD (or CPSTOP, CPSTART), Internet via Proxy don't work anymore.

When i removed the entry for DNS proxy Forwarding and restart the WSDNSD, Internet via proxy works again.

The Logs show the connection is reject because of Proxy: internal error; Connection was rejected due to internal error.

The error described in sk110013 - How to configure Check Point Security Gateway as HTTP/HTTPS Proxy says: DNS server is available but no record for the URL request.

I have no idea why this could not be resolved?

cat /etc/resolv.conf
# This file was AUTOMATICALLY GENERATED
# Generated by /bin/dnsmasq_xlate on Thu Sep 25 10:01:14 2025
#
# DO NOT EDIT
#
server 127.0.0.1

cat /etc/dnsmasq.conf
# This file was AUTOMATICALLY GENERATED
# Generated by /bin/dnsmasq_xlate on Thu Sep 25 10:01:14 2025
#
# DO NOT EDIT
#
bind-interfaces
cache-size=1000
no-poll
listen-address=127.0.0.1
interface=bond3.706
server=/google.com/8.8.8.8
server=/#/1.1.1.1
server=/#/1.0.0.1
server=/#/9.9.9.9
conf-dir=/etc/dnsmasq.d

netstat -tulpen | grep dnsmasq
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 0 94223101 10214/dnsmasq
tcp 0 0 10.10.6.254:53 0.0.0.0:* LISTEN 0 94223098 10214/dnsmasq
udp 0 0 127.0.0.1:53 0.0.0.0:* 0 94223100 10214/dnsmasq
udp 0 0 10.10.6.254:53 0.0.0.0:* 0 94223097 10214/dnsmasq

All DNS could be locally resolved:

# dig amazon.com

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7.cp998000096 <<>> amazon.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56994
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;amazon.com. IN A

;; ANSWER SECTION:
amazon.com. 900 IN A 52.94.236.248
amazon.com. 900 IN A 54.239.28.85
amazon.com. 900 IN A 205.251.242.103

;; Query time: 11 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Sep 25 10:05:13 CEST 2025
;; MSG SIZE rcvd: 87

dig google.com

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7.cp998000096 <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16468
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;google.com. IN A

;; ANSWER SECTION:
google.com. 300 IN A 142.251.36.206

;; Query time: 22 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Sep 25 10:04:38 CEST 2025
;; MSG SIZE rcvd: 55

Thanks

Michael

Re: R82 http proxy and dns proxy forwarding domains not working

PhoneBoy — Thu, 25 Sep 2025 19:02:50 GMT

dnsmasq logs to syslog a.k.a. /var/log/messages
Anything useful there?

Re: R82 http proxy and dns proxy forwarding domains not working

Michael134890 — Fri, 26 Sep 2025 12:30:50 GMT

Output from /var/log/messages:

...

dnsmasq_xlate: Starting dnsmasq_xlate as default mode
dnsmasq_xlate: Updating dnsmasq configuration
dnsmasq_xlate: Restarting dnsmasq
dnsmasq[10125]: exiting on receipt of SIGTERM
dnsmasq[10214]: started, version 2.76 cachesize 1000
dnsmasq[10214]: compile time options: IPv6 GNU-getopt no-DBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset au
th nettlehash no-DNSSEC loop-detect inotify
dnsmasq[10214]: using nameserver 9.9.9.9#53 for default
dnsmasq[10214]: using nameserver 1.0.0.1#53 for default
dnsmasq[10214]: using nameserver 1.1.1.1#53 for default
dnsmasq[10214]: using nameserver 8.8.8.8#53 for domain google.com
dnsmasq[10214]: read /etc/hosts - 15 addresses
dnsmasq[10214]: using nameserver 9.9.9.9#53 for default
dnsmasq[10214]: using nameserver 1.0.0.1#53 for default
dnsmasq[10214]: using nameserver 1.1.1.1#53 for default
dnsmasq[10214]: using nameserver 8.8.8.8#53 for domain google.com
dnsmasq[10214]: ignoring nameserver 127.0.0.1 - local interface
xpand[27580]: log info: objectName: DNS,administrator: admin, operation: Set Object, facility: Web-UI, message: primary
DNS server in forwarding domain google.com is set to 8.8.8.8

...

But no erros or anything else