Title: RE: [FW1] Microsoft DNS and Firewall-1

Here's what's nasty (nice?) about NT DNS Manager and firewalls:
Although it is true that zone transfers occur over
TCP53 and lookups on UDP53, the DNS Manager connection is IPC-based, meaning
that you must allow NetBIOS from the controlling server to the controlled
server. My experience concurs with the thread thus far: "allow any"
somehow doesn't do the trick - NetBIOS must be explicitly allowed.
Further, your credentials (i.e. username/password) on the controlling machine
must match an account (be it local or domain) on the controlled server for
passthrough authentication to succeed. This theoretically augments the
security of your DNS server, but complicates things a bit in terms of
management.
HTH
Dan Hitchcock

I put in a trial rule, from DNS1 to DNS2, allow any and the policy properties are set to allow RPC control which appears as pseudo rule 4. None of this appeared to help.

Steve

-----Original Message-----
Have you allowed DNS UDP & TCP through the firewall?
Server to Server

Andrew Shore

-----Original Message-----
We have several semi-secure zones separated through the ports on a

I would like to set up each zone with its own Microsoft DNS server running

The initial test isn't going too well. The Microsoft DNS Manager can't see

Does anyone have experience of trying to get DNS updates and management

Thanks
Steve Allum