Here is the problem:
I've got DNS1, and I set a rule on FW-1 that allows domain-udp queries and
replies from any hosts. There was nothing to be done: internal hosts couldn't
query DNS1.
Looking at the logs, I see that the firewall accepts the
'domain-udp-requests' (LAN > DNS1 > ROOTSERVERS) but stops the
'domain-udp-replies' from the root servers.
There are no other rules that stop this one.
I noticed that only by specifying:
Any Source DNS1 Dest any protocol ACCEPT
could I use DNS1 without problems.
I've checked the implicit rules; all is OK.
Any ideas?
--------------------------------------------------------------------------------------------------------------------------------------
Enrico Sorge <[EMAIL PROTECTED]>
Network & System Administrator - security and firewall tester
NetBusiness S.p.A. - Divisione Tecnica
--------------------------------------------------------------------------------------------------------------------------------------
KeyID: 0x81F35C95 Fingerprint: A338 C029 50DB 110B 1699 014E 971C 3169 81F3 5C95