Firewall: IPSO 3.5 FCS8 / 4.1 SP6 I posted an error to the lists about "allocate_port: could not find a free port for host 0, port 53". As phoneboy replied, this was a well documented error. I just didn't go digging. While our DNS guys are trying to get the internal DNS server to send queries out on a high source port, instead of 53, I was trying to setup static NAT for the traffic, as one of the recommended workarounds. I don't know if it is because I already have a bunch of NAT entries for this server, which originally is subject to HIDE-NAT, but when I setup a manual static NAT rule, I still see traffic going out with the original HIDE address. I can get this to work just fine from my own PC, just doing NSLOOKUPS to our ISP DNS server. They get statically NAT'd just fine. I switch the NAT rule back to our internal DNS server, dump on the external interface for the static address, and get nothing. The queries are going through the firewall, not just getting cached, and are returning successful. Anyone else run into this problem? Thanks for any help.
-Aaron ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
