This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Di_Junior
Advisor
Advisor
‎2018-12-18 04:43 AM

DNS stops resolving name in Remote Access VPN

Dear Mates

I have currently migrated our Remote Access VPN to Check Point, and everything seems to be working. However, from time to time, there is a problem with DNS resolving the names. when this happens, it displays the message in the photo bellow. Since I dont know the cause of the problem, sometimes a workaround that I found is to push the policy again on the firewall where the RA is terminated, and then it works just fine.

Any idea on what could be causing this, and how it can be resolved?

Thanks in advance

8 Replies
ED
Advisor
‎2018-12-18 05:51 AM

Hi,

I had recently the same problem with DNS for another situation. In my case it was problem with the "forwarders" for the DNS server itself. Also the Server: unknown information is related to the "Reverse lookup zone" for your DNS-server. (if you don't have a reverse lookup for your DNS server).

Di_Junior
Advisor
Advisor
‎2018-12-18 05:55 AM
In response to ED

HI Enis,

Thanks for your help.

But how do I fix this problem once and for all.

Regards

0 Kudos
ED
Advisor
‎2018-12-18 11:14 PM
In response to Di_Junior

May I ask if you are using Windows server for DNS so that I can try to explain what I meant?

0 Kudos
Di_Junior
Advisor
Advisor
‎2018-12-19 12:20 AM
In response to ED

Hi Enic 

Yes, we are using Windows Server for DNS.

0 Kudos
ED
Advisor
‎2018-12-19 01:42 AM
In response to Di_Junior

Open up DNS manager. On top select your DNS server, right-click and select Properties. On the new window select "Forwarders" tab. Do you have anything there? You can try to use forexample 8.8.8.8 (Google) or 1.1.1.1 (Cloudflare).

Also check in DNS manager if you have reverse lookup zone for your domain. 

0 Kudos
PhoneBoy
Admin
Admin
‎2018-12-18 04:08 PM

Recommend a TAC case for this issue.

Scott_White
Explorer
‎2020-05-08 11:23 AM
In response to PhoneBoy

We have been experiencing this issue sporadically as well.  We have noticed that nearly all of the users experiencing the issue are using Comcast for their ISP.

 

  • Checkpoint FW verison
    • Product version Check Point Gaia R80.20
    • OS build 101
    • OS kernel version 2.6.18-92cpx86_64
    • OS edition 64-bit
    • Checkpoint VPN CLient Version:
      • VPN E80.62 Build 986000452
      • Other Versions as well
      •  
      •  OS:
        • Windows 10
        • Windows 7
0 Kudos
scenarist
Contributor
‎2024-07-05 12:19 AM

I have the same problem. I set everything according to the procedure for using internal DNS servers.

O0vCb2w94l.png

When I connect to remote VPN I have my internal dns in checkpoint virtual adapter but when run nslookup. 

D9W5cE2aCl.png

I also checked reverse lookup zones and it exists. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top