NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Reprovo's avatar
Reprovo
Follower
Sep 29, 2016

FVS318G V2 DNS traffic getting through

Hi.

 

I'm having an Issue with an FVS318G V2. I have only ping and port 8000 open for a specific address and all other traffic Is blocked but DNS requests are managing to get through. 

 

Is this even possible ?  Could a virus/malware somehow pull this off and bypass the firewall ?

bypass
DNS
firewall
Traffic
Troubleshooting

2 Replies

  • Danthem's avatar
    Danthem
    NETGEAR Employee
    Oct 01, 2016

    Do you have DNS proxy turned on in the FW?

     

    Maybe your clients are sending their DNS requests to the FVS, the FVS will then forward them on to your ISP's DNS server (or whatever DNS server you've set up under WAN settings). I believe this makes it so that the DNS request is sent out by the FVS itself and thus bypasses the firewall. 

     

    But please note that the above is just a bit of a guess, I've not tested/confirmed this behaviour. Try turning off DNS proxy in your LAN settings or point the client's DNS server to something like 8.8.8.8 (google's DNS) and see if DNS requests are still going out.

     

     

  • JohnRo's avatar
    JohnRo
    NETGEAR Employee Retired
    Sep 30, 2016

    Hello Reprovo, 

     

    Welcome to the community! 

     

    Can you post your firewall rules? I'd like to know the firmware version you are using. How long have you been having this issue? 

     

    Thanks,

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More