DNS behind PAT... not working 1

inetbuild · Jun 7, 2004

I have a Cisco 831 Router setup with PAT on udp 53. When I point to my FreeBSD DNS server it works perfectly. When I point to my Windows Server 2003 DNS, I get some weird results. I debugged the NAT (debug ip nat detailed) and saw something like:

06:25:18: NAT: Allocated Port for 10.1.1.2 -> 172.16.30.20: wanted 53 got 195

I did not see this when pointing to the FreeBSD box. There are no other configuration changes between the servers than the IP addresses.

This seems to be the culprit, as the DNS logs on the w2k3 server shows it responding to the request and the NAT log shows the translation back out of the packet.

Any help would be greatly appreciated.

GeorgeOu · Jun 7, 2004

In order for DNS to work properly, you normally need to open up TCP and UDP 53 on a firewall. This will likely mean that you need to PAT both TCP and UDP 53, and not just UDP.

George Ou
Network Systems Architect

Get more powerful articles and tools from my webpage

http://www.lanarchitect.net

inetbuild · Jun 8, 2004

All it took was a reboot (reload) of the router. I'm so used to changes being picked up automatically that I didn't think to reboot. I'm all set now. Thanks.

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

DNS behind PAT... not working 1

inetbuild

Technical User

GeorgeOu

Instructor

inetbuild

Technical User

Similar threads

Part and Inventory Search

Sponsor