DNS request fails
Hi all,
I have a TZ470 HA pair which 'should' be managed via NSM but they are now showing as 'unmanaged' and I am seeing the error 'Failed to synchronize license information with Licensing Server. 1006' in the logs on the firewall itself (and via email alerts). I've tried to synchronize the license with MySonicWall whilst logged into the firewall directly but it gives a network error; a diagnostics 'check network settings' shows that the DNS request failed for all three DNS servers, however I can ping the servers and get an 'alive' response. This has also stopped the signature updates for IPS, Geo & Botnet services.
I can manually add the license and it reappears in NSM and I can log in from there, but it is unresponsive once logged in via NSM and I'm still getting a DNS error from diagnostics in the firewall itself. If I try to import the IPS signatures manually it fails with a 'possibly corrupt file' error.
The primary issue here is that DNS resolution is failing but I can't see why at this point. I've tried numerous DNS addresses and all of them can be pinged but I'm always receiving a 'DNS request failed' and the error below regardless of the DNS server tried. Any thoughts on what to check/test next would be much appreciated.
Alert - Network Monitor: Policy diagTestPolicyAuto_8.8.8.8_1_52 status is DOWN
Best Answer
Arkwright Community Legend ✭✭✭✭✭
Pick a unique public DNS server [i.e. something that client devices behind the firewall aren't using], start a packet capture to that IP on port 53 and retry your diagnostics.
The reason you want a unique DNS server is that the capture would otherwise be overwhelmed with client requests as well as the actual SonicWall DNS queries that you're interested in.
1
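One way to read the capture suggested in the answer above, as an added example that is not part of the original thread: it pairs each DNS query with its response by transaction ID and source port, then reports queries that got no reply, error RCODEs, or truncation. The tuple layout, the IP addresses and the `triage`/`hdr` helper names are assumptions made for illustration; the sample packets are constructed.

```python
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def parse_header(payload):
    """Return (txid, is_response, truncated, rcode) from a DNS message header."""
    if len(payload) < 12:
        raise ValueError("short DNS message")
    txid, flags = struct.unpack("!HH", payload[:4])
    return txid, bool(flags & 0x8000), bool(flags & 0x0200), flags & 0x000F

def triage(packets, dns_server):
    """packets: (src_ip, dst_ip, sport, dport, udp_payload) from a port 53 capture."""
    if not packets:
        return ["no port 53 traffic captured"]
    pending, findings = {}, []
    for src, dst, sport, dport, payload in packets:
        try:
            txid, is_resp, truncated, rcode = parse_header(payload)
        except ValueError:
            findings.append(f"malformed DNS payload {src} -> {dst}")
            continue
        if dst == dns_server and dport == 53 and not is_resp:
            pending[(txid, sport)] = src          # query awaiting a reply
        elif src == dns_server and sport == 53 and is_resp:
            if pending.pop((txid, dport), None) is None:
                findings.append(f"id={txid:#06x} response without a matching query")
            elif truncated:
                findings.append(f"id={txid:#06x} truncated: retry needs TCP/53")
            else:
                name = RCODES.get(rcode, f"RCODE {rcode}")
                findings.append(f"id={txid:#06x} answered with {name}")
    for (txid, sport), src in pending.items():
        findings.append(f"id={txid:#06x} from {src}:{sport} got no reply")
    return findings

def hdr(txid, flags):
    """Build a bare 12-byte DNS header (one question counted, no body)."""
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)

# Constructed capture. 203.0.113.10 stands in for the firewall's WAN IP and
# 9.9.9.9 for the unique test resolver; both are assumptions.
SAMPLE = [
    ("203.0.113.10", "9.9.9.9", 40001, 53, hdr(0x1A2B, 0x0100)),   # query
    ("9.9.9.9", "203.0.113.10", 53, 40001, hdr(0x1A2B, 0x8182)),   # SERVFAIL reply
    ("203.0.113.10", "9.9.9.9", 40002, 53, hdr(0x1A2C, 0x0100)),   # never answered
]

if __name__ == "__main__":
    print("\n".join(triage(SAMPLE, "9.9.9.9")))
```

Queries with no reply point at filtering or routing between the firewall and the resolver, while an empty capture means the query was never seen on the captured interface at all.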