DNS Firewall is not working

Introduction

The Field Effect DNS Firewall service tracks and blocks access to domains associated with malicious web sites.  Setting up and configuring the service is all managed through your my.fieldeffect.net portal.


Once everything is set up and configured correctly, you may notice that the DNS Firewall is not blocking or recording any traffic.


Method 1: check DNS connectivity

Begin by navigating to https://www.dnscheck.tools/, which presents a results page.



This page shows your public IP address(es). All of these public addresses should be added to the IPs section of your Service Profile. If any of them are missing from your profile, you may have connectivity issues with your DNS Firewall. To learn how to add IP addresses to your service profile, visit Monitoring Profile: Editing & Updating.


If this does not fix the issue, and the IPs are in fact added to your Service Profile, please take a screenshot of the results you were given via https://www.dnscheck.tools/ and include it in your support request. We will use this information for further investigation.


Method 2: check the feature's configuration

1) First, double-check that your DNS is configured to point to the Field Effect DNS Firewall servers (162.219.50.2 / 162.219.51.2).


Your device may get its DNS resolution from an internal DNS server; in that case make sure that the Field Effect DNS Firewall servers are configured as DNS Forwarders.


2) To verify that your DNS Firewall service is configured properly, browse to the test site at:

http://phishing.cira.ca/ 


3) If you get a timeout or "site not found" message, double-check your external IP and DNS by browsing to:

https://www.dnscheck.tools/


  • Ensure that the public IP that is returned is part of your MDR monitoring profile. The DNS Firewall uses that IP to authenticate DNS resolution requests, and if it does not have a record of your origination IP, your request will be dropped.
  • Ensure that the returned DNS servers are as expected. The Field Effect DNS Firewall leverages CIRA and D-Zone servers, so those should be in the list.


4) If you have other DNS servers listed, your Internet service provider may be transparently re-routing your DNS requests. For example, Comcast subscribers are affected by a service called Security Edge, which overrides all customer-specific DNS queries and instead routes them through Comcast's own DNS servers, bypassing the Field Effect DNS Firewall service.


If you intend to use the Field Effect DNS Firewall and are a Comcast customer, you should disable the Security Edge service.


https://business.comcast.com/support/article/internet/securityedge-extended-coverage-settings
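
The Method 2 checks can also be scripted on a Linux or macOS host. The following is an added example, not part of the original article or Field Effect tooling: the function names, the use of /etc/resolv.conf and the `dig` command are assumptions, while the server addresses and test site are the ones given above.

```shell
#!/bin/sh
# Added example: scripted version of Method 2, steps 1-3.
FE_SERVERS="162.219.50.2 162.219.51.2"   # DNS Firewall servers from the article

# classify_resolvers: read resolv.conf-style text on stdin and print one line
# per nameserver entry: "firewall <ip>" or "other <ip>".
classify_resolvers() {
  awk -v fe="$FE_SERVERS" '
    BEGIN { n = split(fe, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 == "nameserver" && $2 != "" {
      kind = ($2 in ok) ? "firewall" : "other"
      print kind, $2
    }'
}

# verdict: summarise classify_resolvers output read from stdin.
#   ok               every resolver is a DNS Firewall server
#   mixed            queries answered by the other resolvers bypass the firewall
#   check-forwarders none are; an internal resolver must forward to the firewall
#   none             no nameserver entries found
verdict() {
  awk '
    $1 == "firewall" { f++ }
    $1 == "other"    { o++ }
    END {
      if (f + o == 0)  print "none"
      else if (o == 0) print "ok"
      else if (f == 0) print "check-forwarders"
      else             print "mixed"
    }'
}

# live_check: query each DNS Firewall server directly for the test site.
# No answer is consistent with the request being dropped (public IP not in
# the monitoring profile) or DNS being re-routed upstream.
live_check() {
  for s in $FE_SERVERS; do
    if out=$(dig +short +time=3 +tries=1 "@$s" phishing.cira.ca A 2>/dev/null) \
       && [ -n "$out" ]; then
      echo "$s answered: $(echo "$out" | tr '\n' ' ')"
    else
      echo "$s returned no answer (timeout, dropped or empty response)"
    fi
  done
}

# Constructed sample: printf 'nameserver 10.0.0.53\n' | classify_resolvers | verdict
if [ "${1:-}" = "--live" ]; then   # network checks run only on request
  found=$(classify_resolvers < /etc/resolv.conf)
  printf '%s\n' "$found"; printf '%s\n' "$found" | verdict
  live_check
fi
```

Run it with `--live` to classify the host's resolvers and query both DNS Firewall servers. On hosts that use a local stub resolver, the `check-forwarders` result means the upstream or forwarder configuration has to be inspected instead.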
