IDS/IPS DNS enabled, causing connection drops

Wednesday - last edited Wednesday
Model: OC200  
Hardware Version: V2
Firmware Version: 2.20.3 Build 20250305 Rel.65072

Hello.

 

Using the ER8411 router controlled by an OC200 device, we enabled IDS/IPS DNS, along with the rest of the Threat Categories.

 

We have verified that with DNS enabled, some wired users experience internet disconnections caused by this feature. These problems typically last a few minutes, but during the problem, users are unable to browse the internet.

 

After disabling DNS filtering, this problem has not occurred again.

 

Regards.

Re:IDS/IPS DNS enabled, causing connection drops
Wednesday

  @NovaSistemas 

 

I also use an ER8411 and experience the same thing. I had to turn off DNS in the IPS configuration; after I disabled DNS, I have not had any problems with IPS.

 

Re:IDS/IPS DNS enabled, causing connection drops
Thursday

Hi  @NovaSistemas  @MR.S 

 

Thank you for your feedback about this feature.

 

To understand this issue, would you please share with us the following info:

1. Some screenshots showing the IDS/IPS DNS config;

2. Does this only affect certain clients? If yes, what kind of clients are they?

3. How often will the disconnection issue happen?

4. The firmware version of the ER8411 and the controller you are using.

 

 

Re:IDS/IPS DNS enabled, causing connection drops
Thursday

Vincent-TP wrote

Hi  @NovaSistemas  @MR.S 

 

Thank you for your feedback about this feature.

 

To understand this issue, would you please share with us the following info:

1. Some screenshots showing the IDS/IPS DNS config;

2. Does this only affect certain clients? If yes, what kind of clients are they?

3. How often will the disconnection issue happen?

4. The firmware version of the ER8411 and the controller you are using.

 

 

  @Vincent-TP 

1.

2. Log is on my PC, but there are not many PCs in my house. Mostly IoT, phones and media streamers.

3. Unsure. I disabled DNS when I figured out what happened, but enabled it again for a test and the same thing happened.

4. 1.2.3. I now use 1.3.0 and I will enable DNS again to see what happens with the new version. I will give you more info if it happens again.

 

Re:IDS/IPS DNS enabled, causing connection drops
Thursday

  @Vincent-TP 

 

 

This is the current configuration.
Out of a total of 50 users, this has happened to many. I can't specify. All connected via Ethernet.
Disconnections occur several times a day.
The ER8411 firmware version is 1.2.3 Build 20241121 Rel.21021

 

Re:IDS/IPS DNS enabled, causing connection drops
Thursday

DShield is also problematic - it can interfere with Apple devices that use iCloud proxy services.

I can't say I have had any issues with the DNS part of IDS at all, but I do run the DNS proxy cache on my 8411 and have set it to DNS override in the proxy settings to Cloudflare and OpenDNS family servers.

Main: ER8411 x1, SG3428X x1, SG3452 x1, SG2428LP x1, SG3210 x1, SG2218P x1, SG2008P x1, ES205G x2, EAP650 x6 Remotes: ER605 v2 x3, SG2008P x2, EAP650 x2 VPN Server: ER7206 v2 Controller: OC300
Re:IDS/IPS DNS enabled, causing connection drops
Thursday

  @NovaSistemas  @MR.S 

 

I have emailed you to collect the config file of your controller.

We would like to test this locally. Please kindly check your email inbox. Thanks.
