FMS and DNS queries with blocked format on Checkpoint firewall
Support suggested I check here to see if anyone in the community has any knowledge on this issue. We implemented a Checkpoint firewall and the built-in safety measures are stopping FMS from authenticating to an LDAP server on the same subnet. Its reason for this in the logs is that it's making DNS queries with invalid characters. We've tested this out and it seems clear that this is true, that when FMS looks for the LDAP server to authenticate a user it's making a query that uses something other than alphanumeric characters. When we disable this rule, things work fine. We would like to have some confirmation of the format FMS is using to make these DNS queries so we know what characters it's using that Checkpoint feels are invalid. This not only would assure us of the situation, but also provide us with a list of characters we could try to make exceptions for in the firewall settings.
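One way to get that list of characters from the traffic itself, as an added example that is not part of the original post: take the UDP payload of each DNS query seen in a packet capture, parse the question name, and report every character outside letters, digits and hyphen. The function names are hypothetical, and the sample query name is constructed for the demonstration, not a capture of FMS traffic.

```python
import string
import struct

# Letters, digits and hyphen: the classic hostname ("LDH") character set.
LDH = set((string.ascii_letters + string.digits + "-").encode())


def parse_qname(packet: bytes, offset: int = 12):
    """Return the labels of the first question in a DNS query message.

    Offset 12 skips the fixed-size DNS header. Compression pointers are
    rejected because the question name of a query is not compressed.
    """
    labels = []
    while True:
        if offset >= len(packet):
            raise ValueError("truncated name")
        length = packet[offset]
        offset += 1
        if length == 0:
            return labels
        if length & 0xC0:
            raise ValueError("unexpected compression pointer or label type")
        label = packet[offset:offset + length]
        if len(label) != length:
            raise ValueError("truncated label")
        labels.append(label)
        offset += length


def non_ldh_report(packet: bytes):
    """Map each offending label to the sorted non-LDH characters it contains."""
    report = {}
    for label in parse_qname(packet):
        bad = {chr(b) if 0x20 < b < 0x7F else f"\\x{b:02x}"
               for b in label if b not in LDH}
        if bad:
            report[label.decode("ascii", "backslashreplace")] = sorted(bad)
    return report


def build_query(name: str, qtype: int = 33) -> bytes:
    """Build a constructed DNS query (sample input only; qtype 33 is SRV)."""
    header = struct.pack(">HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return header + qname + b"\x00" + struct.pack(">HH", qtype, 1)


if __name__ == "__main__":
    # Constructed sample name, not taken from FMS traffic.
    print(non_ldh_report(build_query("_ldap._tcp.example.test")))
```

Running `non_ldh_report` over the payloads the firewall logged as blocked gives the exact characters an exception would have to cover.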