We use a Sonicawall NSA series for our firewall (and only for firewalling). On the sonic wall, we use the GEO IP portion and block China. (because reasons above my pay grade).
We're using the All Connections for the GEO IP filter, so basically there is no way to add exclusions for websites to the Sonic Wall unless we use Firewall Based exclusions. (not yet been discussed, but will be).
So another member of our team brought to my attention that DNS Conditional Forwarding was being used to get around this. Tested and it auto-magically works.
A) how does the GEO IP filter work on the sonic wall? Is it only DNS and reverse DNS? Is it blocking the actual IP from those countries? B) If all traffic out to the net traverses this firewall, how does DNS conditional forwarding get around this? I see we use google to resolve the domains of concern, but I would think this would only work if our AD DNS was pointed to the Sonic Wall, which I'm told its not.
Please excuse my lack of knowledge on this specific topic.
No comments:
Post a Comment