Have you checked the UDP reply timeouts? In case the replies are taking
longer than the timeout set on the firewall,
they would get dropped.

Preet

-----Original Message-----
From: Brian Fritz [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 01, 2002 10:05 PM
To: [EMAIL PROTECTED]
Subject: [FW-1] DNS Question


All,
    After all the IPSO upgrades and service pack upgrades for our
Nokia/Checkpoint 4.1 SP5a solution, we started seeing some random results
with our DNS servers.  Sometimes, it would fail on the first lookup - but
after that it would be ok... my question is simple... for the last several
years we've had the simple 2 rules for our DNS Servers:

1.    Any (Source)    DNSServers(Destination)    DNS-53(Port)
2.     DNSServers (Source)    Any (Source)    DNS-53 (port)

The question is simple...are we missing something obvious???  Our DNS
servers are Windows 2000.

Thanks in advance...

-Brian
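Added example, not part of the thread: one way to run the check suggested in the reply at the top, by pairing DNS queries with their replies and flagging any reply that arrives after the firewall's UDP timeout. The record format, the sample records and the 40-second timeout are assumptions made for illustration; use the timeout actually configured on the firewall.

```python
from typing import NamedTuple, Optional

# Constructed sample records (not from the thread), one packet per line:
# "<seconds> <src_ip>:<port> > <dst_ip>:<port> id=<dns_txid> <Q|R>"
SAMPLE = """\
0.000 10.0.0.5:1045 > 192.0.2.53:53 id=4711 Q
0.120 192.0.2.53:53 > 10.0.0.5:1045 id=4711 R
5.000 10.0.0.5:1046 > 192.0.2.53:53 id=4712 Q
50.300 192.0.2.53:53 > 10.0.0.5:1046 id=4712 R
60.000 10.0.0.5:1047 > 192.0.2.53:53 id=4713 Q
"""


class Finding(NamedTuple):
    txid: int
    latency: Optional[float]  # None when no matching packet was seen
    verdict: str              # ok | late | unanswered | reply-without-query


def check_replies(text: str, udp_timeout: float) -> list:
    """Pair each DNS reply with its query and compare the gap to udp_timeout."""
    pending = {}   # (client, server, txid) -> time of the latest query
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, _, dst, txid, kind = line.split()
        ts, txid = float(ts), int(txid.split("=", 1)[1])
        if kind == "Q":
            # A retransmitted query overwrites the timestamp, like a
            # stateful firewall refreshing its UDP entry on new traffic.
            pending[(src, dst, txid)] = ts
            continue
        start = pending.pop((dst, src, txid), None)
        if start is None:
            findings.append(Finding(txid, None, "reply-without-query"))
            continue
        latency = round(ts - start, 3)
        verdict = "late" if latency > udp_timeout else "ok"
        findings.append(Finding(txid, latency, verdict))
    # Queries still pending never got a reply in this capture.
    findings.extend(Finding(k[2], None, "unanswered") for k in pending)
    return findings


if __name__ == "__main__":
    for f in check_replies(SAMPLE, udp_timeout=40.0):  # 40 s is an assumed value
        print(f)
```

A "late" verdict on records taken on the server side of the firewall, with the same lookup showing as unanswered on the client side, is the pattern the reply describes.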

