Sophos firewall is blocking DNS queries

[aclawson]

I'm working on the stake clerk machine at the moment, and DNS lookups are failing.

The DNS servers configured by the DHCP server (one of the new firewalls) are, in order

8.8.8.8
4.2.2.2
216.49.176.201

If I stop the service Sophos Client Firewall, DNS lookups work normally. If I restart the service DNS lookups stop working again.

[david.north]

Were you able to resolve this problem outside of turning off the Sophos firewall?
We just experienced a similar problem this past Sunday on all three of the clerk computers in one building.

[johnshaw]

If you access the Sophos Firewall Logs through the management tool you should be able to see denies for port 53 and it will tell you which rule it is. If a rule has been pushed to Sophos we need to escalate it to the GSC and they can get in touch with someone who can get in touch with someone that will/may address the issue in the future at some point.

[david.north]

If you access the Sophos Firewall Logs through the management tool you should be able to see denies for port 53 and it will tell you which rule it is. If a rule has been pushed to Sophos we need to escalate it to the GSC and they can get in touch with someone who can get in touch with someone that will/may address the issue in the future at some point.

Great advice - I'll check the logs and let you know what I find.

[aclawson]

Did you see anything in the logs?

[david.north]

Did you see anything in the logs?

All applications were blocked because of an Invalid Checksum. Global support was unsure how to proceed, and recommended for our circumstance to allow all traffic through the Sophos Firewall and manually set DNS servers.

[aclawson]

Sophos is proving to be an unreliable choice. Unfortunately we're probably locked into an <x> year contract where <x> = 3-5 years.

[russellhltn]

All applications were blocked because of an Invalid Checksum.

Sounds like uninstall/reinstall time. Local Unit Support can help you with that.