Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Raptor 6.5NT: DNS through the Firewall (NO PROXY)

Status
Not open for further replies.
finlan

finlan

Technical User
Mar 28, 2002
2
DE
hi,

i am trying to achive the following:

direct DNS access through the raptor without using the dns-proxy.

i have created a rule which allows me to access DNS (all DNS paket types) from the DMZ to Universe. There is a DNS running on the raptor, which i don't want to use. i want to get DNS queries to a DNS server elsewhere.

i have activated GSPD for tcp and udp.

and guess what: it's not working. i keep getting ICMP messages that port 53 udp is not reachable from the raptor.

Mar 26 11:09:50.457 fire1 kernel: 232 Sending ICMP port unreachable. Original packet (192.168.33.19->192.5.5.241: Protocol=UDP Port 32768->53) received on interface 192.168.33.18

where 33.19 is the requesting server, 192.5.5.241 is the DNS server an 33.18 is the DMZ interface.

i have set up various other services the same way, everything is fine. but NONE of the other services are running a proxy for that service in parallel.

i am really screwed up.

additionally there is another error which the system reports after activating the udp GSPD-proxy, which we didn't need before:

the error message is in german so i try to translate it:
"an attached device is not working" this error refers to the GSPD-proxy.

any clues ? i am running out of options.

fin
 
Sort by date Sort by votes
We use Raptor 6.5 NT in my department. In Raptor, if you want to pass through dns packets, you have to disable the dns service in Raptor.
Only one choice at a time.
 
Upvote 0 Downvote
i guessed so ...
thanx for the answer !
fin
 
Upvote 0 Downvote
Hi,
I am using Raptor 4 on HP-UX 10.20 and recently while going through some reconfiguration, I started to get these messages - 232 Sending ICMP host(prohibited) unreachable. Original packet (UDP: 172.20.3.38/138 -> 172.20.5.255/138) from interface lan2 scrolling on the screen every few minutes. I don't have a clue what going on.
Appreciate if you can point out what went wrong or how to turn off the messages.
Thanks
 
Upvote 0 Downvote
You can have both the DNS proxy running and passing DNS traffic through.

My firewall tech. said the same and also the external consultant.

I needed us to run our own public DNS servers and I also needed some internal DNS servers.

After 2-3 months when I keeps telling them that there had to be a solution they found it.

If you need the same as I needed I can ask my firewall tech. to tell me how they did it. It was very simple I remember.

/johnny
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Ailuin
  • Locked
  • Question
Best Residential proxy provider.
Replies
1
Views
654
AvivBes
AvivBes
jim_bmx
  • Locked
  • Question
sh proxy command
Replies
0
Views
601
jim_bmx
jim_bmx
ChrisFairley
  • Locked
  • Question
Downloads failing through ASA 5520
Replies
1
Views
141
iggsterman
iggsterman
Russtoleum
  • Locked
  • Question
SW GVC won't route traffic through sonicwall to offsite tunnel unless it leases an ip on the same su
Replies
1
Views
168
Russtoleum
Russtoleum
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
527
nnaarrnn
nnaarrnn

Part and Inventory Search

Sponsor

Back
Top