Hello, I have an issue with resolving webpages on my network. I have couple of network on my infrastructure. 192.168.150.0/24 for my servers 192.168.160.0/24 for my workstation and more
I checked with Microsoft, MS engineer checked my DNS servers and confirmed they are working fine. I checked with Cisco, Cisco Eng. created TCP Bypass on my ASA and added my computer on the access-list, so it seems the ASA and IPS do not inspect all the traffic generated by my computer. I installed Wire Shark on my computer and tried to open https://My.t-mobile.com I noticed some "Destination unreachable (Port unreachable)" from my computer to my internal DNS server. I can ping my internal DNS server Any idea? Thank you in Advance for your time Alex
1071 2017-12-21 11:15:14.373439 192.168.160.99 192.168.150.1 ICMP 123 Destination unreachable (Port unreachable) Frame 1071: 123 bytes on wire (984 bits), 123 bytes captured (984 bits) on interface 0 Interface id: 0 (\Device\NPF_{EB87B223-29FF-4EE6-AE98-E08E7F0B8A39}) Interface name: \Device\NPF_{EB87B223-29FF-4EE6-AE98-E08E7F0B8A39} Encapsulation type: Ethernet (1) Arrival Time: Dec 21, 2017 11:15:14.373439000 Eastern Standard Time [Time shift for this packet: 0.000000000 seconds] Epoch Time: 1513872914.373439000 seconds [Time delta from previous captured frame: 0.000032000 seconds] [Time delta from previous displayed frame: 0.000032000 seconds] [Time since reference or first frame: 8.893324000 seconds] Frame Number: 1071 Frame Length: 123 bytes (984 bits) Capture Length: 123 bytes (984 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:icmp:ip:udp:dns] [Coloring Rule Name: ICMP errors] [Coloring Rule String: icmp.type eq 3 || icmp.type eq 4 || icmp.type eq 5 || icmp.type eq 11 || icmpv6.type eq 1 || icmpv6.type eq 2 || icmpv6.type eq 3 || icmpv6.type eq 4] Ethernet II, Src: Dell_33:31:4b (18:03:73:33:31:4b), Dst: Cisco_aa:17:47 (e4:d3:f1:aa:17:47) Destination: Cisco_aa:17:47 (e4:d3:f1:aa:17:47) Address: Cisco_aa:17:47 (e4:d3:f1:aa:17:47) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Source: Dell_33:31:4b (18:03:73:33:31:4b) Address: Dell_33:31:4b (18:03:73:33:31:4b) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) Type: IPv4 (0x0800) Internet Protocol Version 4, Src: 192.168.160.99, Dst: 192.168.150.1 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 109 Identification: 0x041f (1055) Flags: 0x00 0... .... = Reserved bit: Not set .0.. .... = Don't fragment: Not set ..0. .... = More fragments: Not set Fragment offset: 0 Time to live: 128 Protocol: ICMP (1) Header checksum: 0x0000 [validation disabled] [Header checksum status: Unverified] Source: 192.168.160.99 Destination: 192.168.150.1 [Source GeoIP: Unknown] [Destination GeoIP: Unknown] Internet Control Message Protocol Type: 3 (Destination unreachable) Code: 3 (Port unreachable) Checksum: 0xb501 [correct] [Checksum Status: Good] Unused: 00000000 Internet Protocol Version 4, Src: 192.168.150.1, Dst: 192.168.160.99 0100 .... = Version: 4 .... 0101 = Header Length: 20 bytes (5) Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) 0000 00.. = Differentiated Services Codepoint: Default (0) .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0) Total Length: 81 Identification: 0x2483 (9347) Flags: 0x00 0... .... = Reserved bit: Not set .0.. .... = Don't fragment: Not set ..0. .... = More fragments: Not set Fragment offset: 0 Time to live: 127 Protocol: UDP (17) Header checksum: 0x5f63 [validation disabled] [Header checksum status: Unverified] Source: 192.168.150.1 Destination: 192.168.160.99 [Source GeoIP: Unknown] [Destination GeoIP: Unknown] User Datagram Protocol, Src Port: 53, Dst Port: 59522 Source Port: 53 Destination Port: 59522 Length: 61 Checksum: 0xd5b5 [unverified] [Checksum Status: Unverified] [Stream index: 47] Domain Name System (response) Transaction ID: 0xe74a Flags: 0x8182 Standard query response, Server failure 1... .... .... .... = Response: Message is a response .000 0... .... .... = Opcode: Standard query (0) .... .0.. .... .... = Authoritative: Server is not an authority for domain .... ..0. .... .... = Truncated: Message is not truncated .... ...1 .... .... = Recursion desired: Do query recursively .... .... 1... .... = Recursion available: Server can do recursive queries .... .... .0.. .... = Z: reserved (0) .... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server .... .... ...0 .... = Non-authenticated data: Unacceptable .... .... .... 0010 = Reply code: Server failure (2) Questions: 1 Answer RRs: 0 Authority RRs: 0 Additional RRs: 0 Queries geover-prod.do.dsp.mp.microsoft.com: type A, class IN Name: geover-prod.do.dsp.mp.microsoft.com [Name Length: 35] [Label Count: 6] Type: A (Host Address) (1) Class: IN (0x0001)