cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
618
Views
40
Helpful
3
Replies

Umbrella issues with UTM proxy

techno.it
Beginner
Beginner

I have a client using UTM firewall and we recently deployed Cisco DNS Umbrella for them with two virtual appliances.

At the moment, internal DNS clients are pointing to internal DNS servers. On the forwarder settings of the DNS server, we have configured VA's IPs. UTM firewall act as transparent proxy and intercepts any incoming web traffic from internal network. As per the recommendation of this article, UTM is also using VA's IP address as forwarder. Everything is working as it should.

 

The problem is, the customer has isolated internal network for R&D purposes. This network doesn't communicate with corporate network at all. Clients in this network are configured with Google DNS, however, some web pages are behaving improperly and content is getting blocked. And once we remove the VA's IP from UTM, it just works fine.

Any insights or help would be appreciated.

 

3 Replies 3

Ken Stieers
VIP Advisor VIP Advisor
VIP Advisor
Sometimes Umbrella will actually redirect you to their proxy. So 1, if your UTM is decrypting, it needs Umbrella's root cert. Your R&D boxes may need it as well, when Umbrella proxies and decrypts and your UTM doesn't (depending upon how those decisions are made)

techno.it
Beginner
Beginner

@Ken Stieers 
I do not want these clients to proxy traffic to Umbrella. Some traffic is getting blocked by Umbrella though they are using Google DNS.

Your FIREWALLS, which are proxying the connection are using your internal DNS servers, which are using Umbrella.
Ken

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers