- Products
- Learn
- Local User Groups
- Partners
- More
CheckMates Fifth Birthday
Celebrate with Us!
days
hours
minutes
seconds
Join the CHECKMATES Everywhere Competition
Submit your picture to win!
Check Point Proactive support
Free trial available for 90 Days!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
The 2022 MITRE Engenuity ATT&CK®
Evaluations Results Are In!
Now Available: SmartAwareness Security Training
Training Built to Educate and Engage
MITRE ATT&CK
Inside Check Point products!
CheckFlix!
All Videos In One Space
Greetings!
I am seeing constant Alert error messages in our logs with reason: Firewall - Domain resolving error. Check DNS configuration on the gateway (0) .
Here are the statistics: R80.20, running on VSX, JHF Take 103 applied,
Initially I thought the issue was being caused by the fact that in VSX the DNS servers for each context are the same (SK152873 - a large oversight if you ask me but) so with some redesign I was able to find 3 common DNS targets that would work in this scenario. Once that was applied, I still am seeing tons of these alert errors.
From the CLI I am able to confirm that all of the VSX contexts resolve DNS using dig/nslookup etc so I am not sure why I would be seeing this behavior
Hi,
I guess you are using domain objects, right?
We had such issue in the past which should be solved.
I will check it internaly and will update.
Hi,
the fix included in on going JHF take 117, if you can move to this take it will be great.
if not i suggest to open a ticket for CP support to ask a port fix.
Thanks,
Ilya
Hi Ilya,
We have same issue on r80.30 HF take 111, can you check internaly if that fix was ported to r80.30 ?
Hi Khalid,
The fix already included in R80.30 GA version so i suggest to open a TAC case and share it with me so i can check with RnD owners.
Probably you have resolved it by now but if not make sure that TCP DNS lookups are allowed from your gateway
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY