Ok I did a rebuild with Vlans this time, something new. ive had no trouble setting everything up, web proxy, NAT, firewall the lot. UNTIL NOW i've ran into this issue where my client machines can not resolve dns. And i have no idea why. On one of my box's, i run transmission for seeding/downloading; and even since i did my rebuild i cant seem to resolve dns names. Ive done the Following: (ports are forwarded correctly etc) [LIST=1] Checks IP Config, it is using ASG as its dns Checks to see if ASG is allowing access, it is Checked Defualt Gateway, its correct flushed dns, than used a forwarder that was my isp "4.2.2.1" which was what i use to use still didnt work Pop'd a vain and ready the put my head through screen [/LIST] I can however use the webproxy and visit those dns names. if someone could help me solve this ASAP id be soever greatful

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNS Nightmare =( H3LP!

Ok I did a rebuild with Vlans this time, something new. ive had no trouble setting everything up, web proxy, NAT, firewall the lot. UNTIL NOW

i've ran into this issue where my client machines can not resolve dns. And i have no idea why.

On one of my box's, i run transmission for seeding/downloading; and even since i did my rebuild i cant seem to resolve dns names.

Ive done the Following: (ports are forwarded correctly etc)

[LIST=1]

Checks IP Config, it is using ASG as its dns
Checks to see if ASG is allowing access, it is
Checked Defualt Gateway, its correct
flushed dns, than used a forwarder that was my isp "4.2.2.1" which was what i use to use still didnt work
Pop'd a vain and ready the put my head through screen

[/LIST]

I can however use the webproxy and visit those dns names.

if someone could help me solve this ASAP id be soever greatful

This thread was automatically locked due to age.

Parents

0 Corey3443 over 13 years ago

Information:
Nic 1 (UPLINK) - Cable Modem (DHCP)
Nic 2 Vlan tag 7 (Secure) -  (10.0.0.1/255.255.255.0)
Nic 2 Vlan tag 10 (Public) -  (10.0.8.1/255.255.255.0)
Nic 2 Vlan tag 11 (DMZ)   -  (172.168.1.1/255.255.255.0)

Secure and Public both have a DHCP Server, but Secure has "Clients with static mappings only" ticked.

Secure,Public,DMZ have Masq rules pointing to UPLINK.

Secure has a Firewall rules:
Secure (Network) -> All Services -> Internet v4 | Allow,Log
Secure (Network) -> All Services -> Public (Network) | Allow,Log

Public Has a Firewall Rules:
PublicUserGroupObject - > Approved Services - > Internet v4 | Allow,Log
PublicUserGroupObject - > CIFS - > NAS Hostname | Allow,Log

DMZ has a firewall rule:
DMZ (Network) -> ALL Services - > Secure (Network) | Deny ,Log
DMZ (Network) -> ALL Services - > Public (Network)  | Deny ,Log
DMZ (Network) -> ALL Services - > Internet v4 | Allow,Log

DNS Settings:

Allowed Networks: Secure (Network), Public (Network), DMZ(Network)

DNS Forwarders:
4.2.2.1 (Host, Uplink Interface)
4.2.2.2 (Host, Uplink Interface)

"Use forwarders assigned by ISP" unticked

This firewall is sitting on a cable uplink, so no NAT in front of it

EDIT: ive noticed in the dnsproxy logs im getting lots of theses

2011:11:19-12:51:38 AstaroFW named[5958]: unexpected RCODE (REFUSED) resolving '223.35.179.142.in-addr.arpa/PTR/IN': 209.53.4.150#53
2011:11:19-12:51:39 AstaroFW named[5958]: unexpected RCODE (REFUSED) resolving '223.35.179.142.in-addr.arpa/PTR/IN': 209.53.4.130#53

they seem to pop up whenever im trying to resolve a name, yet if i do it on my desktop i works.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Corey3443 over 13 years ago

Information:
Nic 1 (UPLINK) - Cable Modem (DHCP)
Nic 2 Vlan tag 7 (Secure) -  (10.0.0.1/255.255.255.0)
Nic 2 Vlan tag 10 (Public) -  (10.0.8.1/255.255.255.0)
Nic 2 Vlan tag 11 (DMZ)   -  (172.168.1.1/255.255.255.0)

Secure and Public both have a DHCP Server, but Secure has "Clients with static mappings only" ticked.

Secure,Public,DMZ have Masq rules pointing to UPLINK.

Secure has a Firewall rules:
Secure (Network) -> All Services -> Internet v4 | Allow,Log
Secure (Network) -> All Services -> Public (Network) | Allow,Log

Public Has a Firewall Rules:
PublicUserGroupObject - > Approved Services - > Internet v4 | Allow,Log
PublicUserGroupObject - > CIFS - > NAS Hostname | Allow,Log

DMZ has a firewall rule:
DMZ (Network) -> ALL Services - > Secure (Network) | Deny ,Log
DMZ (Network) -> ALL Services - > Public (Network)  | Deny ,Log
DMZ (Network) -> ALL Services - > Internet v4 | Allow,Log

DNS Settings:

Allowed Networks: Secure (Network), Public (Network), DMZ(Network)

DNS Forwarders:
4.2.2.1 (Host, Uplink Interface)
4.2.2.2 (Host, Uplink Interface)

"Use forwarders assigned by ISP" unticked

This firewall is sitting on a cable uplink, so no NAT in front of it

EDIT: ive noticed in the dnsproxy logs im getting lots of theses

2011:11:19-12:51:38 AstaroFW named[5958]: unexpected RCODE (REFUSED) resolving '223.35.179.142.in-addr.arpa/PTR/IN': 209.53.4.150#53
2011:11:19-12:51:39 AstaroFW named[5958]: unexpected RCODE (REFUSED) resolving '223.35.179.142.in-addr.arpa/PTR/IN': 209.53.4.130#53

they seem to pop up whenever im trying to resolve a name, yet if i do it on my desktop i works.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data