Re: Proxy vs. Firewall routing - More of a DNS question

• From: "John Tolmachoff" <isalist@xxxxxxxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 21 Jan 2003 23:14:02 -0800

> Why I ask this is because ever since I have moved to ISA Server as my
> Firewall, my Win2K DNS Servers seem to "lose it" every now and then. I
> have to perform the following actions at least once a week to correct
> the problem:

Is the ISA server part of the internal domain?

If so, the internal adapter should have DNS of the internal DNS servers and
the external adapter DNS should be blank.

> Also, is it standard practice to only allow my DNS Servers access to the
> "DNS Query" and "DNS Zone Transfer" protocols, or should I be allowing
> the ISA Server, and possibly even my client workstations, access to
> these protocols as well?

Internal DNS servers need to be able to Query external ISP servers if the
ISP servers are setup as forwarders. Unless you have a secondary server
outside of your network, DNS Zone transfers should not be allowed. Clients
will only query the DNS servers they are configured with.

John Tolmachoff MCSE, CSSA
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA  92835
www.reliancesoft.com

Other related posts:

• » Re: Proxy vs. Firewall routing - More of a DNS question
• » Re: Proxy vs. Firewall routing - More of a DNS question
• » Re: Proxy vs. Firewall routing - More of a DNS question
• » Re: Proxy vs. Firewall routing - More of a DNS question

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page
• » View list details
• » Manage your subscription