We help IT Professionals succeed at work.

Nslookup server 2003

JonBowley
JonBowley asked
on
Medium Priority
1,350 Views
Last Modified: 2007-11-27
Hi,

I work for a school and i am having problems with a piece of software that needs to connect to a external server.  to access the WAN our school has to go through the Local Education Authority's routers and firewalls, this is the same for internet access.
My question is is there anything that would stop me being able to Nslookup external sites, as when i try to use this function i get the message server failed. Yet I can nslookup any address internally.
My second  quetsion is if their is nothing within the Local Education Authority's routers or firewalls thats stopping this is their something within DNS that is causing the problem.
We are using Server 2003 and all clients are XP Pro.

Many thanks in anticipation.
Comment
Watch Question

Top Expert 2004
Commented:
>>My question is is there anything that would stop me being able to Nslookup external sites

Possibly a firewall.  They could be requiring you to use their DNS servers for name resolution and only allow DNS queries to pass from the IP of the DNS server to the outside.

>>My second  quetsion is if their is nothing within the Local Education Authority's routers or firewalls thats stopping this is their something within DNS that is causing the problem.

I suspect the firewalls.  You can go to www.dnsstuff.com to troubleshoot DNS externally.

Hope this helps.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Commented:
Yeah, it can be the Firewalls, but there might be another possibility : if your DNS doesn't allow recursive requests from clients, you wont be able to nslookup outside your organization. Check this parameter. If recursive requests are allowed, then the FWs are most likely the culprits.

HTH
Cheers
Top Expert 2004

Commented:
vsg375 - shouldn't they be able to change the server with the "server" command and it should work, if the firewall isn't blocking it?

Commented:
definitely, pseudocyber. That's another thing to try and thanks for reminding me...

First, find a DNS addy from outside your organization (extremely easy)

Then, in your nslookup prompt type server xxx.xxx.xxx.xxx (the addy)

make several tries if the first one doesn't work. If it works you should default to the DNS from the Internet. You should then be able to nslookup almost anywhere.

If none of your tries work, then the FWs definitely are involved.

Thanks again pseudocyber, forgot about that one... long day... ;o))
Sounds like a combination of a few of these things.

Can you browse the internet from the machine in question? Is internet access setup to use a proxy server (I'm guessing yes). My guess would be they've allowed web access from the proxy server to access the internet, but other ports (port 53 is DNS queries, its likely blocked for all but the proxy server).

Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.