Hello,
I use McAfee Firewall Enterprise (Sidewinder Firewall) (with Admin Console (8.3.2)) and I have an issue with the No DNS option (Network Objects option).
I want to use this option like that (I use transparent DNS):
I have no problem when I type the IP address in my browser (so I go through the firewall). But I cannot access test.fr when I type "test.fr" in my browser.
I monitored the firewall (with Wireshark, nothing in the audit viewer) and I saw a DNS request for test.fr. I don't understand why, because I checked the No DNS option.
Can you tell me why?
Sorry for my English & Thanks for your help,
JayGr
Moved from Home products to Business > Firewall Enterprise (Sidewinder) for better attention.
Message was edited by: Ex_Brit on 03/02/14 6:30:29 EST AM
When you do a request for 'test.fr' your browser does a lookup for the IP address for 'test.fr' and then does a SYN for that IP address. If the DNS answer your client gets back (an IP address) is not the same value you have there for this object then it won't match the rule.
Your PC is asking (something) for DNS and getting an answer which is not 192.168.1.1, so you'll need to investigate your DNS resolution in your network.
Thanks for the explanations.
Please tell me how I could do what I want (without modifying the host file): I would like to associate "test.fr" with 192.168.1.1 for each "test.fr" request from a client.
Is it possible?
Thanks,
JayGr
Hello,
No idea?
Reminder: I would like to associate "test.fr" with 192.168.1.1 for each "test.fr" request from a client without modifying the host file. And I use transparent DNS.
Thanks,
JayGr
Technical support:
Based on the topic you created, you'd like typing "example.fr" to map to an IP (192.168.1.1) on clients behind the firewall? If you're running transparent DNS, there's nothing you can configure on the firewall that will do that. The client will always do a DNS lookup for the hostname given, unless you modify its local hosts file.
Hosts objects are used to tell the firewall to do a reverse lookup on addresses it sees connections to, and don't have any impact on what clients see.
If you'd like to continue using transparent DNS, the easiest option would be to contact your local nameserver admin to add an A record for example.fr > 192.168.1.1.