[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] DNS Question
> Sorry...I should have specified... in our DNS-53 group - we have Port 53/UDP > and Port53/TCP. Do you have DNS verification enabled? I have also seen this cause problems. -Don > > > After all the IPSO upgrades and service pack upgrades for our > > > Nokia/Checkpoint 4.1 SP5a solution, we started seeing some random > > > results with our DNS servers. Sometimes, it would fail on the first > > > lookup - but after that it would be ok... my question is simple... for > > > the last several years we've had the simple 2 rules for our DNS Servers: > > > > > > 1. Any (Source) DNSServers(Destination) DNS-53(Port) > > > 2. DNSServers (Source) Any (Source) DNS-53 (port) > > > > > > The question is simple...are we missing something obvious??? Our DNS > > > servers are Windows 2000. > > When you say DNS-53, do you mean UDP or TCP? You need to allow both in > > order for DNS to function properly. Most DNS requests use UDP port 53, > > however larger requests use TCP port 53. It may be these larger requests > > that are failing. > > > > -Don ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|