This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
siddu099
Participant
3 weeks ago

DNS NOT RESLOVING

Hi Experts,

 

 

I am using checkpoint 81.20 jumbo 99 
dns is not resolving 
ping 8.8.8.8 is working
ping google.com not resolving

show dns primary
8.8.8.8


show dns mode
default

0 Kudos
8 Replies
the_rock
Legend
Legend
3 weeks ago

Maybe try quad 9 dns, 9.9.9.9 or 149.112.112.112

Whats output of curl_cli -k google.com?

Andy

0 Kudos
siddu099
Participant
2 weeks ago
In response to the_rock

Hi Team,

 

I am not getting any response for

curl_cli -k google.com

also cant able to ping 9.9.9.9

 

 

ping 9.9.9.9

 

PING 9.9.9.9 (9.9.9.9) 56(84) bytes of data.

^C

--- 9.9.9.9 ping statistics ---

2 packets transmitted, 0 received, 100% packet loss, time 999ms

0 Kudos
the_rock
Legend
Legend
2 weeks ago
In response to siddu099

Do constant ping to 9.9.9.9 in one window and in the other one fw ctz zdebug + drop | grep 9.9.9.9

0 Kudos
siddu099
Participant
2 weeks ago
In response to the_rock

Hi Rock,

After adding the static route we can able to ping the dns 
but we are using the x.x.x.x/29 in bgp 
still we are facing the issue to ping some of public-ip


0 Kudos
Chris_Atkinson
Employee Employee
Employee
2 weeks ago
In response to siddu099

How does the Gateway receive it's default route, do you see it in the route table?

CCSM R77/R80/ELITE
0 Kudos
Chris_Atkinson
Employee Employee
Employee
3 weeks ago

What's the underlying platform, any other NSG / NACLs that might need adjusting?

CCSM R77/R80/ELITE
0 Kudos
siddu099
Participant
2 weeks ago
In response to Chris_Atkinson

Hi Chris,

Its running on ESXI environment 
we configured bgp in checkpoint 
there is know restriction ACL for outgoing and incoming

0 Kudos
Chris_Atkinson
Employee Employee
Employee
2 weeks ago
In response to siddu099

Please ensure that you've followed sk101214 if this is a cluster on ESXi.

Can you please share the routing table, do you see the routes with "netstat -rn" or "ip route"?

 

CCSM R77/R80/ELITE

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events