Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1094
Views
0
Helpful
4
Replies

ASA Firepower 5506-X Blocking DNS Service

hoang pham
Level 1
Level 1

‎11-28-2018 06:59 PM - edited ‎03-12-2019 07:08 AM

Hi all,
I've just set up FW 5506-X, after putting DNS server behind the firewall with default "balance and security" intrusion policy, and malware blocking(I added all Category, and chose Block Malware), all pcs and even FW itself cannot use DNS service anymore, every others service like ping, RD are still OK, DNS Server is using win 2008 R2. Checked log and i saw UDP port 53 were allowed (attachment).
 
Please help! Thank you!
Labels:
Preview file
647 KB
Preview file
412 KB
0 Helpful
4 Replies 4

Abheesh Kumar
VIP Alumni
VIP Alumni

‎11-28-2018 11:17 PM

Hi,
As per the logs you provided shows DNS traffic is allowed. Could you check in intrusion events and malware events if anything is getting blocking.

HTH
Abheesh
0 Helpful

hoang pham
Level 1
Level 1
In response to Abheesh Kumar

‎11-28-2018 11:27 PM

Hi Kumar,

 

I checked it, there is no log in Intrusion events, Malware or Security Intelligent ( i ticked only logged at the end of connection )

0 Helpful

Abheesh Kumar
VIP Alumni
VIP Alumni
In response to hoang pham

‎11-28-2018 11:29 PM

can you do a packet tracer and share the output
0 Helpful

hoang pham
Level 1
Level 1
In response to Abheesh Kumar

‎11-28-2018 11:35 PM - edited ‎11-28-2018 11:36 PM

I'll try to do it next time, we removed FW for now, Is there anything else i need to test? Pls put it all here then i will provide u later.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card