I have a unique problem. I'm trying to put our firewall up using the Cisco
IOS access-list commands. When I put it in place, with TCP and UDP ports 53
open, DNS will not work. We are using Windows 2000 Server as our DNS
Server. Is there a bug in Windows 2000? Or does Windows 2000 use an
addit
they time out - but the ping does
resolve the IP address.
4 - When I type the IP address in the web browser, the page opens fine.
Was thinking this is maybe a DNS problemany thoughts? Thanks,
Jake
_
FAQ, list archives, and subscription info: http
quot; <[EMAIL PROTECTED]>
>Reply-To: "Millner, Gary" <[EMAIL PROTECTED]>
>To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
>Subject: DNS Problem
>Date: Mon, 6 Nov 2000 12:14:30 -0500
>
>I have a unique problem. I'm trying to put our
I believe you can also permit established connections which would do the
same thing with a little more security.
-Original Message-
From: Frank Wells [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 06, 2000 12:02 PM
To: [EMAIL PROTECTED]
Subject: Re: DNS Problem
I believe DNS uses
Title: RE: DNS Problem
DNS using random ports is a new one on me. I've never heard of that, but would be interested in learning more if you have a resource to suggest.
Are you implementing the access list correctly? Remember that port 53 is the source, not the destination. I have a si
with your DNS server's IP Address)
Irwin
From: Frank Wells [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 06, 2000 12:02 PM
To: [EMAIL PROTECTED]
Subject: Re: DNS Problem
I believe DNS uses random ports to communicate once it has established a
session using port 53.
first, dns is only udp.
dns will establish connections by connecting TO port 53, but will connect from a port
>1023.
just allowing established connections will NOT work.
dns server that your dns server queries will need to open a connection TO your
nameserver.
you need to find a DNS server that
November 06, 2000 5:49 AM
Subject: Re: DNS Problem
> first, dns is only udp.
> dns will establish connections by connecting TO port 53, but will connect
from a port
> >1023.
> just allowing established connections will NOT work.
> dns server that your dns server querie
mber 06, 2000 11:44 AM
Subject: RE: DNS Problem
> AFAIK, DNS does not use random ports, however just like most TCP session,
> the source port will always be a random port above 1023.
>
> The below in-bound ACL will permit your site to access a remote DNS
server.
>
> access-li
log.
>
> - Don
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Monday, November 06, 2000 10:55 AM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: RE: DNS Problem
>
> I believe you can also permit established c
Mark Nguyen wrote:
>
> DNS uses both TCP and UDP on port 53. I believe what you are trying to
> do is put your DNS server behind the router, in which case port 53 on
> your DNS server will be the destination.
>
> access-list 101 permit udp any host x.x.x.x eq domain
> access-list 101 permit tcp
oes not use random ports, however just like most TCP session,
> > the source port will always be a random port above 1023.
>
> >
> >
> > From: Frank Wells [mailto:[EMAIL PROTECTED]]
> > Sent: Monday, November 06, 2000 12:02 PM
> > To: [EMAIL PROTECT
ww.gdd.net/cisco/tcp
>
> - Original Message -
> From: Peter Slow <[EMAIL PROTECTED]>
> To: Millner, Gary <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Monday, November 06, 2000 5:49 AM
> Subject: Re: DNS Problem
>
> > first, dns is only udp.
&
At 04:41 PM 11/6/00, Mark Nguyen wrote:
> >
> > If this is an authoritative DNS server, you will need TCP for it to do
> > zone transfers and name queries. If it is only caching, then UDP alone
>
>Just to clear up some confusion, when I said name queries, I mean
Priscilla Oppenheimer wrote:
>
> At 04:41 PM 11/6/00, Mark Nguyen wrote:
>
> > >
> > > If this is an authoritative DNS server, you will need TCP for it to do
> > > zone transfers and name queries. If it is only caching, then UDP alone
> >
> >Just to clear up so
Thanks for the info. I was just getting sick of all the misinformation so I
over-simplified a bit and optimized for the most usual case. I was glad to
get your response, though, since you obviously have the Authoritative
Answer bit set! &;-)
So, why would a DNS query generate a response that w
Priscilla Oppenheimer wrote:
>
> Thanks for the info. I was just getting sick of all the misinformation so I
> over-simplified a bit and optimized for the most usual case. I was glad to
> get your response, though, since you obviously have the Authoritative
> Answer bit set! &;-)
:) I am by no m
being resolved
- Original Message -
From: "Secrist John J Contr 27 IS/IND" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, March 29, 2001 11:38 AM
Subject: DNS problem?
> A funny thing is happening on our network and it has us stumped.
>
> 1 - Some web
rist John J Contr 27 IS/IND
Cc: '[EMAIL PROTECTED]'
Subject: Re: DNS problem?
On Thu, 29 Mar 2001, Secrist John J Contr 27 IS/IND wrote:
> A funny thing is happening on our network and it has us stumped.
>
> 1 - Some websites are not reachable by typing the hostname in a bro
Guys,
I am having problem resolving DNS names.
I have a Cisco 2600 and configured for right name-servers and domain name,
but I am still unable to ping www.yahoo.com from my router and a unix box.
My router/unix is behind a PIX firewall. I also created an ACL to allow
outbound conections to my inte
20 matches
Mail list logo