No requests in Teams dashboard anymore

Security Gateway
#1

Hello
Some weeks ago, I configured my ASUS router to use 172.64.36.1 and 172.64.36.2 as DoT.
DNS Filter is set to “router”.
My WAN-IP matches with the IP in Teams-Location.
Now, since about two days, I don’t see any requests anymore. See screenshots.

1
1999×889 63.1 KB
2
2990×939 101 KB
3
31569×559 45.9 KB
4
41577×737 34.7 KB
5
5827×461 15 KB
6

#2

I’m not clear why the first section uses 1.1.1.1 and 1.0.0.1, while the second section uses Gateway.

That 7-day graph shows some activity in the last two days. I believe each slice is about 7 hours. But I don’t know why your Last Hour screen would have no data. How does the Last 24 Hours screen look?

1 Like
#3

Thanks for the fast answer.
The first section is DNS without DoT which is only used by router itself (e.g. in router terminal “nslookup ibm.com” then 1.1.1.1 is the DNS resolver)
The second section is the DoT which is used by the clients behind the router. All clients are forced to use the router as DNS (DNS Filter is set to router).
https://ipleak.net/ says my DNS is 172.68.49.27
Here is the last 24h screen:

7
71586×716 34.8 KB

#4

I still don’t know why there’s no logging. Do you know if your Gateway filters are actually being applied?

1 Like
#5

Yes, the policy is beeing applied to my location.

9
91032×861 26.5 KB

The last request I see are from 3 days ago.

8
81551×574 50.1 KB

#6

Hi @stonecarver, you’re on the deep purple bleeding edge here–we just released DoT support for Gateway on Friday :slight_smile:

Here are the docs, I think you need to update the IP address on your Asus router, the TLS auth host name appears to be correct.

2 Likes
#7

But, but I used 172.64.36.1 and 172.64.36.2 as DoT since some weeks without problems.
1.1.1.1/help confirmed I was using DoT.
So it was Friday 13th this stopped working…hmmmm…

Now, do I have to put my DoT hostname adress instead of 172.64.36.1 and 172.64.36.2 adress in my router?
I’m missing the fallback if my DoT hostname adress becomes unavailable. Or is this irrelevant?

#8

Use the following for your Asus router config:
IP Address: 162.159.36.5
TLS Hostname: 8yw3rp1kwl.cloudflare-gateway.com

1 Like
#9

Thanks, the dashboard is showing requests again.
But what if 162.159.36.5 becomes unresponsive? Is there any fallback/second IP DoT?

#10

162.159.36.20 also works (nslookup your DoT endpoint gives you the available addresses) :smile:

1 Like
#11

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.