Firewall Suite report shows IP addresses instead of domain names even when the profile is configured to completed DNS resolution.


This article applies to:

  • Firewall Suite 4.X

Symptoms:

  • Firewall Suite report shows IP addresses instead of domain names even when the profile is configured to completed DNS resolution.
  • IP addresses are not being resolved into domain names.

Causes:

This is often the result of Firewall Suite trying to use an IP address that is inappropriate for your DNS server. The machine on which Firewall Suite is installed may have an incorrect DNS server setting.

Information:

To make sure that Firewall Suite is pointing to the correct IP address for your DNS server, please follow these steps.

  1. Check the root installation directory of Firewall Suite, where you will find a file, wt_dns.log

  2. Open this file and locate the IP address(es) Firewall Suite is using for DNS look-up. 

  3. The IP address in this file should be the address of your DNS server.  If you are using a DNS server provided by your ISP, you may need to contact them to confirm their DNS server's IP address.  


A sample of what you would find in the wt_dns.log file is shown here.

May-02-2002 07:15:42: DEBUG_INFO: Loading wtDns.dll.
May-02-2002 07:15:43: Server opened: 192.168.0.0
May-02-2002 07:15:43: Server opened: 192.168.0.1
May-02-2002 07:17:14: Server Stats for 192.168.0.0 : Sent 5 Completed 5 Failed 0 Outstanding 0 Timed out 0
May-02-2002 07:17:14: Server Stats for 192.168.0.1 : Sent 5 Completed 5 Failed 0 Outstanding 0 Timed out 0
May-02-2002 07:17:14: DEBUG_INFO: Unloaded wtDns.dll

If the IP addresses shown in this file are different from your DNS server's IP address, please follow these steps to modify your DNS server settings.

  1. Click Start | Settings | Control Panel.

  2. Double-click Network connections.

  3. Right click your network connection and select Properties.

  4. Highlight TCP/IP and select Properties.

  5. Select/modify an IP address from within the DNS server tab.

  6. Click OK.


After you have made the changes to the DNS server you must stop and start the Firewall Suite. 

Notes:

Versions 4.0 and above of Firewall Suite do not use WINS DNS to perform look-ups.

You may receive more than one IP address for your DNS server.  Try each of the IP addresses that you receive, as one might perform better than another.  You may find one or two servers that serve your purpose.  You may not know which IP addresses will work best until you run your tests.

This article was previously published as:
NETIQKB3939

Last Modified 4/12/2006.
https://support.trustwave.com/kb/KnowledgebaseArticle10807.aspx