Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DNS Issue

Status
Not open for further replies.
mcse63

mcse63

MIS
Jan 7, 2003
44
US
I have a slight challenge with getting to the inside from the outside. Here is the challenge? I have an external DC that goes through a firewall to get to my internal dcs. I can ping both the my internal dc can see the external dc by ip and name. But when I run a tracert from the outside it drops the connection at the firewall. for example. my internal network ip of 192.168.1.10 subnet of 255.255.xxx.x and gateway of 172.x.x.x, the external is set to 12.x.x.x and 255.255.xxx.x Both boxes can talk to one another, but it appears that it drops at the firewall. Here is ipconfig \all for the firewall.

thernet adapter El90x1:

Description . . . . . . . . : El90x1 3Com EtherLink PCI
Physical Address. . . . . . : 00
DHCP Enabled. . . . . . . . : No
IP Address. . . . . . . . . : 12.x.xxx.x
Subnet Mask . . . . . . . . : 255.xxx.xxx.x
Default Gateway . . . . . . : 12.x.xxx.x

Ethernet adapter El90x2:

Description . . . . . . . . : El90x2 3Com EtherLink PCI
Physical Address. . . . . . : 00-
DHCP Enabled. . . . . . . . : No
IP Address. . . . . . . . . : 172.xx.x.x
Subnet Mask . . . . . . . . : 255.xxx.xxx.x
Default Gateway . . . . . . :
Primary WINS Server . . . . : 192.xx.x.xx
 
Sort by date Sort by votes
Have you got some sort of routing enable between the boxes?
Does the firewall block ICMP?
 
Upvote 0 Downvote
I have forwarders setup on both boxes, if that is what you are referring to. Nothing has been changed or modified on the firwall, so I would assume that answer would be no. If I lost the External DC and had to rebuild it from scratch, would this make any changes to the fw? We have a checkpoint fw and I am not familiar with it in the least. Thanks for the quick response Faithless! I am not sure if forwarders are what you were referring to or not. Let me know?

Thanks
 
Upvote 0 Downvote
it sounds like your firewall is blocking ICMP thats why u can only trace up until the firwall, ICMP is the protocol used by tracert
 
Upvote 0 Downvote
Would this keep my users from terminal servicing in and mapping drives as well. That is the real challenge. If I get on the firewall and ping the internal domain it resolves and if I ping the external domain it resolves, but I can't map to or make a ts connection outside the firewall.
 
Upvote 0 Downvote
No, if your users cant access stuff the firewall must be blocking the traffic going out/in

 
Upvote 0 Downvote
Ethernet adapter El90x2:

Description . . . . . . . . : El90x2 3Com EtherLink PCI
Physical Address. . . . . . : 00-
DHCP Enabled. . . . . . . . : No
IP Address. . . . . . . . . : 172.xx.x.x
Subnet Mask . . . . . . . . : 255.xxx.xxx.x
Default Gateway . . . . . . :
Primary WINS Server . . . . : 192.xx.x.xx
Gateway?


Glen A. Johnson
Johnson Computer Consulting
"The best fire does not flare up the soonest."
George Eliot (1819-1880); Englist novelist.

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

KenMeans
  • Locked
  • Question
DNS Issues with wireless router behind Atlantic Broad band Business Modem
Replies
0
Views
10K
KenMeans
KenMeans
alpha76
  • Locked
  • Question
Advice on DNS setup/configuration
Replies
3
Views
11K
technome
technome
tbright
  • Locked
  • Question
DNS reverse lookup errors: zone 1.168.192.in-addr.arpa/IN: has no NS records
Replies
1
Views
12K
tbright
tbright
dl12345
  • Locked
  • Question
IPV6 related issue on bind 9.16.1 on Ubuntu 20.04
Replies
1
Views
11K
dl12345
dl12345
Richard Carter
  • Locked
  • Question
Set up BIND on DNS server for local home server
Replies
0
Views
10K
Richard Carter
Richard Carter

Part and Inventory Search

Sponsor

Back
Top