
Re: [FW1] Split DNS



Yes, this problem exists because you have SecuRemote set up to get DNS entries from the firewalls; essentially this overrides the settings of either DHCP or static DNS settings. Killing SecuRemote stopped it from redirecting the queries. Did you have each DNS server listed in your dnsinfo file?
 
If so, if the first two DNS servers listed there were the machines you took down, the timeout for each DNS server failure is 20 seconds. If Windows does not get resolution within, I think, 30 seconds, it fails to resolve and will not go to a third server for the DNS resolution.
 
 
 
-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-
Larry Pingree
Sr. Security Consultant
Email: [email protected]
 
SiegeWorks
WebSite: http://www.siegeworks.com/
Enterprise Support, Security Consulting and Training
-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-
----- Original Message -----
Sent: Tuesday, March 27, 2001 9:42 AM
Subject: [FW1] Split DNS

Hi there,

We just experienced an issue that seemed to be a split-DNS problem and I was wondering if anyone else had encountered this or had any thoughts on it.

Some background:
We employ split DNS to allow our VPN users to access internal network resources. We do not use WINS and instead use DNS for all name resolution. In our DHCP scope, we listed 4 DNS servers. Recently, we cut that down to 2 and we removed the servers from the DHCP scope that users were using for split DNS.

After we had made that change, some users were complaining they could not access anything outside our network when they were plugged directly into our internal LAN. It turns out that the only users who were having the problem were those who had SecuRemote installed on their laptops. They could not resolve any names, except through broadcasting. They're all on Win2K machines and I tried to do nslookups, but it wouldn't recognize either of our 2 DNS servers that were in the DHCP scope. If I killed the SecuRemote client on their machines, the problem stopped and everything was tickety-boo.

We changed the dnsinfo file on the firewall to reflect the new DNS servers and had everyone update their clients and all is fine now.

What happened? It almost looks like SecuRemote is still active even if you're connected to the local LAN. Has anyone else had anything like this happen?

Rob Michayluk
Computer Network Services Analyst
ACD Systems Limited
Tel: 
Fax: (250) 544-0291
[email protected]
www.ACDSYSTEMS.com

                        Come meet the ACD Systems Team!
                        CeBIT 2001, Hannover, Germany, March 22-28, Location 009, Stand B45/2
                        MacWorld 2001, New York, July 18-20, Booth 1331
                        Comdex Fall 2001, November 12 - 16

Attachment: smime.p7s
Description: S/MIME cryptographic signature



 