Endpoint Protection

  • 1.  FW rule not working when using FQDN in host group

    Posted Feb 05, 2016 08:17 AM

    Hey,

    one of our customers has the following issue:

    He created a host group using the FQDN. He then used this host group to create a FW rule to allow certain traffic. But instead, the traffic is blocked when using FQDN unless the customer performs an nslookup on the destination host. When using the IP address everything works fine.

    Server 2008 R2 Datacenter SP1, SEP 12.1.6 MP2

    Any ideas?

    Thanks in advance!



  • 2.  RE: FW rule not working when using FQDN in host group

    Posted Feb 08, 2016 12:39 PM

    I would suggest you go ahead and use the IP address.



  • 3.  RE: FW rule not working when using FQDN in host group

    Posted Feb 08, 2016 12:43 PM

    What shows in the Traffic log?



  • 4.  RE: FW rule not working when using FQDN in host group

    Posted Feb 09, 2016 03:23 AM

    Hello,

    We had a similar problem and fixed it by enabling reverse DNS lookup in the firewall policy. Our issue was the following: when the laptops are not connected to the corporate network (but to a public one), they have to make a VPN connection, and we allowed the traffic for the VPN portals by name. But even though it was allowed by name, outgoing traffic was blocked (and the Traffic log was showing that the remote IP is blocked). So we enabled rDNS in the Public FW policy and the issue was fixed. You can test it to see if it helps.

    Regards