RE: Flaky DNS server

  • From: "Mark Strangways" <strangconst@xxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Sun, 16 Feb 2003 22:29:07 -0500

Seems to be better.
I knew about the protocol rules of course, but you had specified them. I did
not want to question why you wanted to know, but felt you had reason :)
I have the proper packet filters in place, and I played with the recursion.
This seemed to help nslookup's and such. Especially local names etc...
It still has not helped my PMCIA card problems. I still have to disable the
FW client prior to shut-down. But I am finding that I really don't need it
all that much anyways.

Regards,

Mark S
----- Original Message -----
From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Sunday, February 16, 2003 8:31 PM
Subject: [isalist] RE: Flaky DNS server


http://www.ISAserver.org


Hi Mark,

You have everything working now? A tip for ya: since the DNS server is
on the ISA Server itself, protocol rules do not apply. You need to
create packet filters to allow the DNS server to access the protocols it
requires.

HTH,
Tom

Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp


-----Original Message-----
From: Mark Strangways [mailto:strangconst@xxxxxxxxxx]
Sent: Friday, February 14, 2003 4:21 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Flaky DNS server


http://www.ISAserver.org


see inline
----- Original Message -----
From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, February 14, 2003 12:43 PM
Subject: [isalist] RE: Flaky DNS server


http://www.ISAserver.org


Hi Mark,

Where is the DNS Server?
    On the ISA box
How is is it configured to resolve internet host names?
    Uses forwarders to ISP's DNS servers
What protocol rules do you have in place to support it?
    - Send / Recieve UDP 53
    - Recieve / Send UDP 53
    - Outbound TCP 53
    - Outbound TCP 43 (whois lookups)
Where are you doing the nslookup queries from?
    Useing a SNAT client machine with admin priveledges.

I played with the recursion and it will do lookups now.

Thanks Thomas..

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
strangconst@xxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 02-2003