windows 2003 server / msft dns

[drick1]

hi,

I'm trying to set up MSFT DNS on a Windows 2003 Enterprise Server. The server is behind a NetScreen Firewall, so i am struggling on how exactly to pass DNS traffic through the firewall, without opening it up too much.

I have DNS installed, i've added both forward and reverse zones for my domain, and it looks correct. i cannot resolve from outside world into my domain.

Any suggestions?

 

[mlichstein]

Have you configured a forwarder to your ISP? Right click on the server in DNS and go to properties, then the forwarders tab. Type the IP address(es) of your ISPs DNS servers.

You will also probably need to open port 53 inbound and outbound.

 

[drick1]

hi, yes i have 3 of my isp's dns entries in the forwarder section.

the only ip's i have in the tcp/ip stack are 127.0.0.1 and 192.168.2.40 (ip address of this host), so local resolution seems to be working

 

[mlichstein]

Are you allowing port 53?

 

[drick1]

hi,

just spent an hour on the phone with netsreen, i am indeed passing port 53 inbound

 

[mlichstein]

It has to go outbound too.

 

[drick1]

i have a policy on the inside that allows everything out already, so i'm covered on that one.