Recently we have installed a FW-1 NG FP3 under Linux to protect our DMZ. Since the installation we have experience some problems resolving our domain from external nameservers. It seemed that our DNS servers worked fine when you access directly from outside (I mean, using our-dns-server.our-domain.com) but has some problemas when resolving our domain name form another DNS server. There was many delays. You had to try serveral times to resolv one of our subdomains (with timeouts) until have a rigth answer.
After many days of tests we isolated the problem in our firewall. The problem was solved as soon as we changed from DNS to none the protocol of the domain_udp object.
It seems that FW-1 has a bug in filtering at application level DNS UDPs querys.
Is this a known issue? Or maybe an unknown bug?
Thanks
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
