4. DNS Lookups failing due to binding to nat address

DNS Lookups failing due to binding to nat address

  • S

    When doing a dig i was unable to do DNS lookups due to the following error

    dig @75.75.75.75 cnn.com

    ; <<>> DiG 9.11.1 <<>> @75.75.75.75 cnn.com
    ; (1 server found)
    ;; global options: +cmd
    ;; connection timed out; no servers could be reached

    I did a packet capture and it seems that the lookups are being sourced from the egree NAT IP and not the wan interface.  Is there a way to correct that?  I'm not able to install packages or forward DNS lookups because of this as well.  Thanks

    0
  • LAYER 8 Global Moderator

    Well what are you outbound nat rules?

    0
  • S

    Here is the outbound nat table, it still binds to the .3 address even if i disable the nat.

    Interface Source Source Port Destination Destination Port NAT Address NAT Port Static Port Description Actions
      WAN x.x.x.135/32 * * * NO NAT *  
      WAN x.x.x..0/24 * * * NO NAT *  
      WAN x.x.x.132/32 * * * NO NAT *  
      WAN x.x.x.131/32 * * * NO NAT *  
      WAN x.x.x.133/32 * * * NO NAT *  
      WAN x.x.x.134/32 * * * NO NAT *  
    WAN x.x.222.0/24 * * * x.x.x.27/32 *  
    WAN any * * *         x.x.x.3/32 *

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy