This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Public DNS server behine UTM9

Hi,

I have a secondary DNS server behine UTM9.

I have an additional IP address added to the public interface
I have a SNAT rule for any - dns - public IP to internal DNS server IP
I have a DNAT rule Internal DNS IP - DNS - Any to public IP of DNS server
I have FW rule any - DNS - internal DNS IP

The server responds internally to UDP and TCP
Externally it only responds on TCP

I dont see any dropped packets and the NAT rlle that is set to log initial packets does not log anything for UDP, only TCP.

What am i missing? Can anyone suggest what i have done wrong?

Thanks

Ian...

This thread was automatically locked due to age.

Parents

0 BAlfson over 10 years ago

If I use DNS tools that use UDP, they fail to connect and I don't see any traffic on the firewall logs for the UDP traffic but I do for the TCP traffic.

What happens if you try a packet capture while trying the UDP test? (Assuming that your External interface is on eth1)
tcpdump -n -i eth1 port 53 and udp

If you don't see anything, then the traffic is not reaching you.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 10 years ago

If I use DNS tools that use UDP, they fail to connect and I don't see any traffic on the firewall logs for the UDP traffic but I do for the TCP traffic.

What happens if you try a packet capture while trying the UDP test? (Assuming that your External interface is on eth1)
tcpdump -n -i eth1 port 53 and udp

If you don't see anything, then the traffic is not reaching you.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data