cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1783
Views
0
Helpful
2
Replies

DNS Blocking on RV345

NewUser72346
Level 1
Level 1

I am installing a new RV345 at my small company. I find that once the RV345 is turned on my local DNS requests are blocked. I have several DNS servers, including a Pi Hole But if I try to use any of these servers the DNS requests timeout. If I try to set 8.8.8.8 or 8.8.4.4 as my server I also get timeouts.

I do not have Umbrella installed or configured.

The only way I get DNS to work is to use the RV345 as the server. So I started adding my own DNS entries to the RV345 to get around this but there is a limit of 100 entries (if I knew that before buying then I would have went with something else). I also see there is a limit of 100 entries in DHCP, I have 104 entries that I want to have enabled. :(

Does anyone know what setting I need to tweak to stop the RV345 from blocking my DNS requests.

1 Accepted Solution

Accepted Solutions

I solved the issue.

 

I logged into the Cisco RV345, went to "License" then "Choose Smart Licenses" where I saw the evaluation license for "Security-License." I unchecked this license and clicked Save. About 30 minutes later I noticed that a machine that was constantly complaining about DNS timeouts had stopped complaining. I can now set DNS to point to 8.8.8.8 or 8.8.4.4 on any device on my LAN and get a response back.

 

I did not have any security settings enabled other than basic firewall settings yet this "Security-License" evaluation was causing DNS to be blocked. 

 

One additional data point: While struggling to figure out this issue I did find that using the nslookup "set vc" command got around this issue before shutting off the evaluation license. 

View solution in original post

2 Replies 2

NewUser72346
Level 1
Level 1

One advancement, if I change my Pi Hole server to use the Cisco RV345 as the upstream provider then I can use the Pi Hole as my main DNS. If I use 8.8.8.8 as the upstream provider then DNS times out. If I open If I swap out the RV345 and put my old router back in place then I have no DNS issues at all. Something on the RV345 is blocking the use of external DNS. Any clues on what it might be?

 

nslookup
Default Server: pi-hole <-- with upstream set to Cisco RV345
Address: 192.168.2.194

> www.google.ca
Server: pi-hole
Address: 192.168.2.194

Non-authoritative answer:
Name: www.google.ca
Addresses: 2607:f8b0:400b:801::2003
172.217.165.3

> server 192.168.2.1 <-- Cisco RV345 
Default Server: cisco345.xx.xx
Address: 192.168.2.1

> www.google.ca
Server: cisco345.xx.xx
Address: 192.168.2.1

Non-authoritative answer:
Name: www.google.ca
Addresses: 2607:f8b0:400b:801::2003
172.217.165.3

> server 8.8.8.8 <-- This is where my Pi Hole and other DNS servers on the network used to forward to
Default Server: dns.google
Address: 8.8.8.8

> www.google.ca
Server: dns.google
Address: 8.8.8.8

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to dns.google timed-out
>

> server 206.210.96.168   <--- another public dns address
DNS request timed out.
timeout was 2 seconds.
Default Server: [206.210.96.168]
Address: 206.210.96.168

> www.google.ca
Server: [206.210.96.168]
Address: 206.210.96.168

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to [206.210.96.168] timed-out
>
>
>
> server 65.39.154.31    <--- another public dns address
DNS request timed out.
timeout was 2 seconds.
Default Server: [65.39.154.31]
Address: 65.39.154.31

> www.google.ca
Server: [65.39.154.31]
Address: 65.39.154.31

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to [65.39.154.31] timed-out

I solved the issue.

 

I logged into the Cisco RV345, went to "License" then "Choose Smart Licenses" where I saw the evaluation license for "Security-License." I unchecked this license and clicked Save. About 30 minutes later I noticed that a machine that was constantly complaining about DNS timeouts had stopped complaining. I can now set DNS to point to 8.8.8.8 or 8.8.4.4 on any device on my LAN and get a response back.

 

I did not have any security settings enabled other than basic firewall settings yet this "Security-License" evaluation was causing DNS to be blocked. 

 

One additional data point: While struggling to figure out this issue I did find that using the nslookup "set vc" command got around this issue before shutting off the evaluation license.