DNS requests are leaking out of VLAN

vlan
#1

Surf SOHO firmware version 7.1.2 build 3310

There is a single iOS device connected to the router. It is connected to an isolating VLAN. That is, the VLAN has Inter-VLAN routing off and the SSID has Layer 2 Isolation on.

From a Windows machine that is Ethernet connected and on the private LAN, I can see the DNS requests made by this iOS device. I see the DNS requests as coming from the public IP address of the router, but I do see them.

Probably irrelevant: The SSID is WPA2 Enterprise using a NAS that lives on private LAN as the radius server. The Windows 7 computer is connected to a dumb switch.

As expected, I also see DNS requests from the private LAN 192.168.1.x, Also, the destination address of the DNS server is OpenDNS which it should be as that’s what the router forces all attached devices to use.

The Windows software is DNSQuerySniffer from www.nirsoft.net. Here is an example of an iOS DNS request:

I also see Peplink requests for time of day (NTP) as shown below. This too, appears to be coming from the public IP address of the router (blacked out in the image).

I have the entire log (maybe an hours worth of data) as a 10MB plain text file, if that helps.

0 Likes

#2

@Michael234

Would you please PM me the log file ?

Thank You

1 Like

#3

PM? Whats that?

0 Likes

#4

Private Message.

1 Like

#5

Thanks, but I’m still lost. There are quite a few private messaging systems. Is there one on this forum? If so, I am not familiar with it.

0 Likes

#6

Click on the name of the author of that post and there will be a blue Message button in the top right corner of the pop up.

1 Like

#7

Thank you.

1 Like