Greetings
My company has decided to host their own public dns servers, no big deal I thought, so I configured/hardened the servers and set them up in our 515E. When I went to test the outside to dmz connectivity, it did not work. (I pointed my home pc dns settings to the servers ip.) I checked and double check my config files (static nat settings, and acl's) Tried it again and still nothing. I even tried "permit ip any host w.x.y.z" instead of "permit udp any host w.x.y.z eq 53" and still nothing. So I physically logged on to the server to see if I have any connectivity to the dmz. In our dmz, we have two other servers, I am able to ping the servers as well as the dmz interface itself. However, I when I tried to access the internet, nothing, the connection timed out. I even tried a different dns ip address in local area connection propeties and still nothing. Now our two other servers in the dmz can access the internet just fine and outside to dmz connectivity works like a charm. I cannot understand why the new servers I placed in the dmz succeed at niether. I mean just placing these servers in the dmz they should at least be able to access the internet. Interfaces with higher security can pass traffic to interfaces of lower security. Any have any ideas? If any clarification is needed on anything just let me know.
My company has decided to host their own public dns servers, no big deal I thought, so I configured/hardened the servers and set them up in our 515E. When I went to test the outside to dmz connectivity, it did not work. (I pointed my home pc dns settings to the servers ip.) I checked and double check my config files (static nat settings, and acl's) Tried it again and still nothing. I even tried "permit ip any host w.x.y.z" instead of "permit udp any host w.x.y.z eq 53" and still nothing. So I physically logged on to the server to see if I have any connectivity to the dmz. In our dmz, we have two other servers, I am able to ping the servers as well as the dmz interface itself. However, I when I tried to access the internet, nothing, the connection timed out. I even tried a different dns ip address in local area connection propeties and still nothing. Now our two other servers in the dmz can access the internet just fine and outside to dmz connectivity works like a charm. I cannot understand why the new servers I placed in the dmz succeed at niether. I mean just placing these servers in the dmz they should at least be able to access the internet. Interfaces with higher security can pass traffic to interfaces of lower security. Any have any ideas? If any clarification is needed on anything just let me know.
