Re: Proxy vs. Firewall routing - More of a DNS question
- From: "William Robertson" <william.robertson@xxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 22 Jan 2003 07:43:20 +0200
Hi Jim
I am busy reading your article as mentioned below, but it is prompting
some questions about DNS and I was hoping you could answer.
You say:
"The point to bear in mind is that if ISA is resolving names for the
client, the DNS entries and their order in the Windows TCP/IP settings
on the ISA server will determine how ISA will respond."
So my question is this:
Is it better to point my ISA Server to make use of my Internal DNS
Servers (which are setup to use my ISP's DNS servers as DNS Forwarders)
or should I point my ISA Server directly to the ISP's DNS Servers in
order to save time?
Why I ask this is because ever since I have moved to ISA Server as my
Firewall, my Win2K DNS Servers seem to "lose it" every now and then. I
have to perform the following actions at least once a week to correct
the problem:
1) net stop dns
2) ipconfig /flushdns
3) net start dns
Is it possible that my Win2K DNS Servers and ISA get into some sort of
twist and thus decide DNS traffic is no longer permitted?
Also, is it standard practice to only allow my DNS Servers access to the
"DNS Query" and "DNS Zone Transfer" protocols, or should I be allowing
the ISA Server, and possibly even my client workstations, access to
these protocols as well?
Cheers
William R.
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: 22 January 2003 04:44 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Proxy vs. Firewall routing
http://www.ISAserver.org
That's why I wrote this:
http://isaserver.org/articles/14120_Errors_Discussion_and_Solution.html
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://www.microsoft.com/isaserver
http://isaserver.org/pages/author_index.asp?aut=3
http://isatools.org
Read the help, books and articles!
----- Original Message -----
From: "Nelson Camacho" <ncamacho@xxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, January 21, 2003 07:15
Subject: [isalist] Proxy vs. Firewall routing
http://www.ISAserver.org
Hi,
I'm having some trouble understand how does ISA do the routing.
The question is:
if i can, from the inside net, browse a web site pointing to a external
IP
of a published web site, why can't i telnet to the same IP of a
published
telnet server?
Outside users can access both servers.
thank for your help
nelson camacho
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
robertson.william@xxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
Other related posts:
