Hi! I have installed CheckPoint Firewall-1 4.1 SP6 on Solaris 8.
My DNS was functioning OK, but suddenly my clients cannot resolve DNS, although I have an explicit rule that allows queries to the server and the server is fine. The logs show:

17:14:58 drop FW-Server >hme2 proto udp src 10.20.50.17 dst x.x.x.x service domain-udp s_port 1096 len 65 rule 135

On the other hand, I detected that Firewall-1 denies the reply packets to the server; I mean, the DNS server cannot query other servers outside the network, because the firewall drops the replies, although the option "Accept UDP Replies" in the global policies is activated. The logs show:

17:14:58 drop FW-Server >hme2 proto udp src 64.156.138.3 dst x.x.x.x service 1025 s_port domain-udp len 65 rule 135

The only way the domain service works fine is by adding the rule:

From Any - To ServerDNS - Any Service - Accept.

Please, I need somebody to help me.

Thanks.
Saily.
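The following is an added example, not part of the original post: a small Python triage script that parses the two drop entries quoted above and groups them by rule number and DNS direction (query versus reply). The field layout (time, action, origin, interface, then key/value pairs) is an assumption inferred from those two lines only, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample: the two drop entries quoted in the post, verbatim.
SAMPLE_LOG = """\
17:14:58 drop FW-Server >hme2 proto udp src 10.20.50.17 dst x.x.x.x service domain-udp s_port 1096 len 65 rule 135
17:14:58 drop FW-Server >hme2 proto udp src 64.156.138.3 dst x.x.x.x service 1025 s_port domain-udp len 65 rule 135
"""

# Assumed layout: four positional fields, then alternating key/value tokens.
HEADER = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2})\s+(?P<action>\S+)\s+"
    r"(?P<origin>\S+)\s+(?P<iface>\S+)\s+(?P<rest>.+)$"
)

# The log shows the service name; "53" is included as an assumption in case
# the port is logged numerically, as the non-DNS ports are.
DNS_PORTS = {"domain-udp", "53"}


def parse_line(line):
    """Return a dict of fields for one log entry, or None if it does not fit."""
    match = HEADER.match(line.strip())
    if not match:
        return None
    entry = match.groupdict()
    tokens = entry.pop("rest").split()
    if len(tokens) % 2:  # an odd token count means the key/value pairs broke
        return None
    entry.update(zip(tokens[0::2], tokens[1::2]))
    return entry


def classify(entry):
    """Label a UDP entry by which side of the flow is the DNS port."""
    if entry.get("proto") != "udp":
        return "other"
    if entry.get("service") in DNS_PORTS:   # destination port is DNS
        return "dns-query"
    if entry.get("s_port") in DNS_PORTS:    # source port is DNS
        return "dns-reply"
    return "other"


def summarize_drops(text):
    """Count dropped entries per (rule number, direction)."""
    counts = Counter()
    for line in text.splitlines():
        entry = parse_line(line)
        if entry and entry["action"] == "drop":
            counts[(entry.get("rule"), classify(entry))] += 1
    return dict(counts)


if __name__ == "__main__":
    for key, count in sorted(summarize_drops(SAMPLE_LOG).items()):
        print(key, count)
```

Run over the quoted entries, it reports one dropped query and one dropped reply, both attributed to rule 135.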
