Enrico,

Either check the policy properties for DNS or
allow the return traffic in the rulebase.

Robert

--
Robert P. MacDonald, Network Engineer
e-Business Infrastructure
G o r d o n   F o o d    S e r v i c e
Voice: +1.616.261.7987 email: [EMAIL PROTECTED]

>>> Enrico Sorge <[EMAIL PROTECTED]> 8/23/00 10:50:58 AM >>>
>
>Here is the problem:
>I've got DNS1. I set a rule on FW-1 that allows domain-udp queries and
>replies from any hosts. There was nothing to do. Internal hosts couldn't
>query DNS1.
>Looking at the logs, I see that the firewall accepts the
>'domain-udp-requests' (LAN > DNS1 > ROOTSERVERS) but stops the
>'domain-udp-replies' from Root-servers.
>There is no other ruleset that stops this one.
>
>I noticed that only by specifying:
>
>Any Source     DNS1 Dest       any protocol    ACCEPT
>
>I could use the DNS1 without problems.
>I've checked the Implicit rules, all is ok.
>
>Any ideas?



