TZ270 v7.1.2 DNS Resolution Broken
fredfernandes_137
Newbie ✭
I have a case open with Sonicwall support, but they seem to be stumped so I figured I'd give the community a shot. TZ270, latest firmware. Devices behind the firewall can resolve DNS no problem. The TZ270 itself cannot. No matter what DNS address I use, nothing resolves. Cant resolve the license manager so the firewall is showing as not registered. When doing a DNS lookup under Diagnostics, in the 'DNS Server Used' field, it's always blank. Under 'Check Network Settings' > 'Security Management' none of the services get 'Resolve host name failed'. Packet monitor shows the DNS request go out, comes back from the DNS server successfully, yet no resolve-o. I must have tried everything I've found online and even had a Senior Engineer from Sonicwall troubleshoot and nothing…
Any ideas?
Answers
I cannot verify this, it's working fine on my 7.1.2 deployment. Was your configuration migrated from an older version or did you updated from 7.0/7.1? My deployment was configured from the ground up after resetting to factory defaults.
—Michael@BWC
Updated from 7.1.1 back in september. Started happening right after enabling the Cloud Secure Edge trial. I'm not sure if its the cause of the issue or just a coincidence.
Guillermo from SW support figured it out. I had enabled the free trial of Cloud Secure Edge as part of training and it adds a NAT Rule of 'Any - X1 - All Interface IP - Any' with source address 'WAN RemoteAccess Networks' above the normal NAT rule, so then any traffic out through X1 was coming from 0.0.0.1 instead of the X1 IP. He created a new NAT rule above that one as a workaround for now. Anyone know how to get rid of a system generated NAT rule? 😃