Allowing the DNS in a config ??? [7:1240]
Hey all- I'm setting up my home network with a dual Ethernet 2500. I have most the config written for PAT (or NAT Inside Overload), better know as "TOO CHEAP TO PAY FOR EXTRA IP'S" :o) I'm @ a loss as far as how to get the Cisco to resolve Domain Names or pass through that access. Let me be less specific give the symptoms... I have the router up translating address (many 10. addresses to on outside IP). I can Ping anything out on the Internet, but I am not able to get WebPages to resolve on the PC or Ping anything with a Domain Name (router or PC). The cable company has everything to obtain Dynamically on the PC. There are no DNS, Proxy, or default gateway settings in the PC control panel. Firewall#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Firewall ! enable password Phil ! ip subnet-zero ! interface Ethernet0 ip address 10.1.1.1 255.255.255.0 no ip directed-broadcast ip nat inside ! interface Ethernet1 ip address 24.X.X.72 255.255.255.0 no ip directed-broadcast ip nat outside ! ip default-gateway 24.X.X.1 ip nat pool Molly 24.X.X.72 24.X.X.72 netmask 255.255.255.0 ip nat inside source list 1 pool Molly overload ip classless ip route 0.0.0.0 0.0.0.0 24.X.X.1 ! access-list 1 permit 10.1.1.0 0.0.0.255 ! line con 0 transport input none line aux 0 line vty 0 4 login ! end Any ideas ??? Thanks Phil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1240t=1240 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Allowing the DNS in a config ??? [7:1240]
Hello, If I understand you correctly, you want the router to act as a DNS server or to at least allow the DNS through it? As you probably know, the router can't act as a DNS server, it can act as a DNS client. It should be able to pass the DNS traffic along since I see there are no access-lists stopping it. I would configure your PC with a DNS server from your ISP manually, as well as the gateway, and proxy settings. Do you have a firewall between your PC and the router that might be blocking the DNS traffic ? -Daniel- On Thu, 19 Apr 2001, Circusnuts wrote: Hey all- I'm setting up my home network with a dual Ethernet 2500. I have most the config written for PAT (or NAT Inside Overload), better know as "TOO CHEAP TO PAY FOR EXTRA IP'S" :o) I'm @ a loss as far as how to get the Cisco to resolve Domain Names or pass through that access. Let me be less specific give the symptoms... I have the router up translating address (many 10. addresses to on outside IP). I can Ping anything out on the Internet, but I am not able to get WebPages to resolve on the PC or Ping anything with a Domain Name (router or PC). The cable company has everything to obtain Dynamically on the PC. There are no DNS, Proxy, or default gateway settings in the PC control panel. Firewall#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Firewall ! enable password Phil ! ip subnet-zero ! interface Ethernet0 ip address 10.1.1.1 255.255.255.0 no ip directed-broadcast ip nat inside ! interface Ethernet1 ip address 24.X.X.72 255.255.255.0 no ip directed-broadcast ip nat outside ! ip default-gateway 24.X.X.1 ip nat pool Molly 24.X.X.72 24.X.X.72 netmask 255.255.255.0 ip nat inside source list 1 pool Molly overload ip classless ip route 0.0.0.0 0.0.0.0 24.X.X.1 ! access-list 1 permit 10.1.1.0 0.0.0.255 ! line con 0 transport input none line aux 0 line vty 0 4 login ! end Any ideas ??? Thanks Phil FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1248t=1240 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Allowing the DNS in a config ??? [7:1240]
To have the router become a DNS client you would configure the following: ip name-server xxx.xxx.xxx.xxx ip name-server xxx.xxx.xxx.xxx It will then do DNS lookups, make sure you don't have ip domain-lookup turned off on the router. -Daniel- On Thu, 19 Apr 2001, Circusnuts wrote: Forgive me- I did find the stats sheet from the ISP was able to configure the workstation to find the DNS server. Everything is UP now. I am aware the router cannot become the DNS server, but what are the commands to allow it to perform DNS lookup (or allow the router access to the DNS server) for it's own resolution ??? Thanks Phil - Original Message - From: Daniel Serna To: Circusnuts Cc: Sent: Thursday, April 19, 2001 1:00 PM Subject: Re: Allowing the DNS in a config ??? [7:1240] Hello, If I understand you correctly, you want the router to act as a DNS server or to at least allow the DNS through it? As you probably know, the router can't act as a DNS server, it can act as a DNS client. It should be able to pass the DNS traffic along since I see there are no access-lists stopping it. I would configure your PC with a DNS server from your ISP manually, as well as the gateway, and proxy settings. Do you have a firewall between your PC and the router that might be blocking the DNS traffic ? -Daniel- On Thu, 19 Apr 2001, Circusnuts wrote: Hey all- I'm setting up my home network with a dual Ethernet 2500. I have most the config written for PAT (or NAT Inside Overload), better know as "TOO CHEAP TO PAY FOR EXTRA IP'S" :o) I'm @ a loss as far as how to get the Cisco to resolve Domain Names or pass through that access. Let me be less specific give the symptoms... I have the router up translating address (many 10. addresses to on outside IP). I can Ping anything out on the Internet, but I am not able to get WebPages to resolve on the PC or Ping anything with a Domain Name (router or PC). The cable company has everything to obtain Dynamically on the PC. There are no DNS, Proxy, or default gateway settings in the PC control panel. Firewall#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Firewall ! enable password Phil ! ip subnet-zero ! interface Ethernet0 ip address 10.1.1.1 255.255.255.0 no ip directed-broadcast ip nat inside ! interface Ethernet1 ip address 24.X.X.72 255.255.255.0 no ip directed-broadcast ip nat outside ! ip default-gateway 24.X.X.1 ip nat pool Molly 24.X.X.72 24.X.X.72 netmask 255.255.255.0 ip nat inside source list 1 pool Molly overload ip classless ip route 0.0.0.0 0.0.0.0 24.X.X.1 ! access-list 1 permit 10.1.1.0 0.0.0.255 ! line con 0 transport input none line aux 0 line vty 0 4 login ! end Any ideas ??? Thanks Phil FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1263t=1240 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Allowing the DNS in a config ??? [7:1240]
Forgive me- I did find the stats sheet from the ISP was able to configure the workstation to find the DNS server. Everything is UP now. I am aware the router cannot become the DNS server, but what are the commands to allow it to perform DNS lookup (or allow the router access to the DNS server) for it's own resolution ??? Thanks Phil - Original Message - From: Daniel Serna To: Circusnuts Cc: Sent: Thursday, April 19, 2001 1:00 PM Subject: Re: Allowing the DNS in a config ??? [7:1240] Hello, If I understand you correctly, you want the router to act as a DNS server or to at least allow the DNS through it? As you probably know, the router can't act as a DNS server, it can act as a DNS client. It should be able to pass the DNS traffic along since I see there are no access-lists stopping it. I would configure your PC with a DNS server from your ISP manually, as well as the gateway, and proxy settings. Do you have a firewall between your PC and the router that might be blocking the DNS traffic ? -Daniel- On Thu, 19 Apr 2001, Circusnuts wrote: Hey all- I'm setting up my home network with a dual Ethernet 2500. I have most the config written for PAT (or NAT Inside Overload), better know as "TOO CHEAP TO PAY FOR EXTRA IP'S" :o) I'm @ a loss as far as how to get the Cisco to resolve Domain Names or pass through that access. Let me be less specific give the symptoms... I have the router up translating address (many 10. addresses to on outside IP). I can Ping anything out on the Internet, but I am not able to get WebPages to resolve on the PC or Ping anything with a Domain Name (router or PC). The cable company has everything to obtain Dynamically on the PC. There are no DNS, Proxy, or default gateway settings in the PC control panel. Firewall#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Firewall ! enable password Phil ! ip subnet-zero ! interface Ethernet0 ip address 10.1.1.1 255.255.255.0 no ip directed-broadcast ip nat inside ! interface Ethernet1 ip address 24.X.X.72 255.255.255.0 no ip directed-broadcast ip nat outside ! ip default-gateway 24.X.X.1 ip nat pool Molly 24.X.X.72 24.X.X.72 netmask 255.255.255.0 ip nat inside source list 1 pool Molly overload ip classless ip route 0.0.0.0 0.0.0.0 24.X.X.1 ! access-list 1 permit 10.1.1.0 0.0.0.255 ! line con 0 transport input none line aux 0 line vty 0 4 login ! end Any ideas ??? Thanks Phil FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1270t=1240 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Allowing the DNS in a config ??? [7:1240]
I use ip name-server dns-ip-address to make name resolution work on the router dave h -Original Message- From: Circusnuts [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 19, 2001 3:00 PM To: [EMAIL PROTECTED] Subject: Re: Allowing the DNS in a config ??? [7:1240] Forgive me- I did find the stats sheet from the ISP was able to configure the workstation to find the DNS server. Everything is UP now. I am aware the router cannot become the DNS server, but what are the commands to allow it to perform DNS lookup (or allow the router access to the DNS server) for it's own resolution ??? Thanks Phil - Original Message - From: Daniel Serna To: Circusnuts Cc: Sent: Thursday, April 19, 2001 1:00 PM Subject: Re: Allowing the DNS in a config ??? [7:1240] Hello, If I understand you correctly, you want the router to act as a DNS server or to at least allow the DNS through it? As you probably know, the router can't act as a DNS server, it can act as a DNS client. It should be able to pass the DNS traffic along since I see there are no access-lists stopping it. I would configure your PC with a DNS server from your ISP manually, as well as the gateway, and proxy settings. Do you have a firewall between your PC and the router that might be blocking the DNS traffic ? -Daniel- On Thu, 19 Apr 2001, Circusnuts wrote: Hey all- I'm setting up my home network with a dual Ethernet 2500. I have most the config written for PAT (or NAT Inside Overload), better know as "TOO CHEAP TO PAY FOR EXTRA IP'S" :o) I'm @ a loss as far as how to get the Cisco to resolve Domain Names or pass through that access. Let me be less specific give the symptoms... I have the router up translating address (many 10. addresses to on outside IP). I can Ping anything out on the Internet, but I am not able to get WebPages to resolve on the PC or Ping anything with a Domain Name (router or PC). The cable company has everything to obtain Dynamically on the PC. There are no DNS, Proxy, or default gateway settings in the PC control panel. Firewall#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Firewall ! enable password Phil ! ip subnet-zero ! interface Ethernet0 ip address 10.1.1.1 255.255.255.0 no ip directed-broadcast ip nat inside ! interface Ethernet1 ip address 24.X.X.72 255.255.255.0 no ip directed-broadcast ip nat outside ! ip default-gateway 24.X.X.1 ip nat pool Molly 24.X.X.72 24.X.X.72 netmask 255.255.255.0 ip nat inside source list 1 pool Molly overload ip classless ip route 0.0.0.0 0.0.0.0 24.X.X.1 ! access-list 1 permit 10.1.1.0 0.0.0.255 ! line con 0 transport input none line aux 0 line vty 0 4 login ! end Any ideas ??? Thanks Phil FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1273t=1240 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Allowing the DNS in a config ??? [7:1240]
Heh, I bet most of us turn dns look-ups off when we are on routers :) Anyway, the command is 'ip domain-lookup' It should be on by default. When you set up the router as a firewall you need to allow tcp port 43 for DNS to come into your private network (please correct me if I am wrong on this). I hope that answers your questions. Ben --- Circusnuts wrote: Forgive me- I did find the stats sheet from the ISP was able to configure the workstation to find the DNS server. Everything is UP now. I am aware the router cannot become the DNS server, but what are the commands to allow it to perform DNS lookup (or allow the router access to the DNS server) for it's own resolution ??? Thanks Phil - Original Message - From: Daniel Serna To: Circusnuts Cc: Sent: Thursday, April 19, 2001 1:00 PM Subject: Re: Allowing the DNS in a config ??? [7:1240] Hello, If I understand you correctly, you want the router to act as a DNS server or to at least allow the DNS through it? As you probably know, the router can't act as a DNS server, it can act as a DNS client. It should be able to pass the DNS traffic along since I see there are no access-lists stopping it. I would configure your PC with a DNS server from your ISP manually, as well as the gateway, and proxy settings. Do you have a firewall between your PC and the router that might be blocking the DNS traffic ? -Daniel- On Thu, 19 Apr 2001, Circusnuts wrote: Hey all- I'm setting up my home network with a dual Ethernet 2500. I have most the config written for PAT (or NAT Inside Overload), better know as "TOO CHEAP TO PAY FOR EXTRA IP'S" :o) I'm @ a loss as far as how to get the Cisco to resolve Domain Names or pass through that access. Let me be less specific give the symptoms... I have the router up translating address (many 10. addresses to on outside IP). I can Ping anything out on the Internet, but I am not able to get WebPages to resolve on the PC or Ping anything with a Domain Name (router or PC). The cable company has everything to obtain Dynamically on the PC. There are no DNS, Proxy, or default gateway settings in the PC control panel. Firewall#sh run Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Firewall ! enable password Phil ! ip subnet-zero ! interface Ethernet0 ip address 10.1.1.1 255.255.255.0 no ip directed-broadcast ip nat inside ! interface Ethernet1 ip address 24.X.X.72 255.255.255.0 no ip directed-broadcast ip nat outside ! ip default-gateway 24.X.X.1 ip nat pool Molly 24.X.X.72 24.X.X.72 netmask 255.255.255.0 ip nat inside source list 1 pool Molly overload ip classless ip route 0.0.0.0 0.0.0.0 24.X.X.1 ! access-list 1 permit 10.1.1.0 0.0.0.255 ! line con 0 transport input none line aux 0 line vty 0 4 login ! end Any ideas ??? Thanks Phil FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1275t=1240 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Allowing the DNS in a config ??? [7:1240]
Hi Nope, UDP 53 for clients and TCP 53 for server zone transfers. HTH -- John Hardman CCNP MCSE ""No Data"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Heh, I bet most of us turn dns look-ups off when we are on routers :) Anyway, the command is 'ip domain-lookup' It should be on by default. When you set up the router as a firewall you need to allow tcp port 43 for DNS to come into your private network (please correct me if I am wrong on this). I hope that answers your questions. Ben Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1278t=1240 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
