Critical Services Blocked (Internet, DNS, Other Traffic)
Change Review
- Have there been recent changes to:
- IP policies
- NAT rules
- Service objects
- License status
- Revert to the last known good configuration if needed.
Diagnostic Actions
- Run packet captures on relevant interfaces.
- Filter by service-specific ports (e.g., 53 for DNS, 443 for HTTPS).
- Review logs for dropped or denied connections.
- Validate NAT and route behavior:
- Use the ping command with
-v
,-srcif
,-srcip
, and-tcp port
flags to test how the firewall handles traffic.
- Use the ping command with
- Check DNS resolution from the firewall:
- Use the command:
dns -query <domain>
- Note: This uses the firewall’s DNS settings. Confirm under
System > DNS
.
- Use the command:
- Validate feature licenses:
- Use the command:
lic
to view license status and feature availability.
- Use the command:
Recovery Milestones
- Affected services are reachable from clients.
- Traffic is forwarded correctly; root cause is upstream.
- Reverting configuration restores service flow.
Related articles
No related articles found.