This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
LM-Rafael
Contributor
‎2024-04-27 03:54 PM
Jump to solution

Gateway is not reply on DNS requests

Hi,

I'm wondering why the firewall doesn't respond to DNS queries at all.

The provider DNS is set, but when I do an Nslookup with query google via the gateway IP (192.168.100.254), I only get the response: no answer from the server. What is the reason for this? I only found in the documentation that I have to enter the provider DNS. What else is missing here?

Customer network: 192.168.100.0/24

Please help me.

Kind regards

Rafael

0 Kudos
1 Solution

Accepted Solutions
Chris_Atkinson
Employee Employee
Employee
‎2024-04-28 01:38 AM
In response to LM-Rafael
Jump to solution

I assume the old firewall was not a Check Point.

Only Spark appliances provide this type of function for small office applications 

CCSM R77/R80/ELITE

View solution in original post

0 Kudos
3 Replies
Chris_Atkinson
Employee Employee
Employee
‎2024-04-27 11:46 PM
Jump to solution

The Gateway doesn't provide DNS proxy support if that's what you're asking here.

The end clients should reference a valid DNS server and this traffic needs to be permitted in your gateway policy.

CCSM R77/R80/ELITE
0 Kudos
LM-Rafael
Contributor
‎2024-04-28 12:32 AM
In response to Chris_Atkinson
Jump to solution

Previously, the customer had a DNS hierarchy:

1. DNS is the Active Directory server for all computers
2. the Active Directory DNS server then had a forwarding to the old firewall
3. the firewall then made a request to the provider

This hierarchy no longer works, which is why the issue arose.

Because the Active Directory now queries the provider directly.

I am only surprised when my “nslookup” to the Check Point firewall is always answered with “No response”.

Thanks

Rafael

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2024-04-28 01:38 AM
In response to LM-Rafael
Jump to solution

I assume the old firewall was not a Check Point.

Only Spark appliances provide this type of function for small office applications 

CCSM R77/R80/ELITE
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events