kooleecoyote
asked on
which ports do I open up in isa server for external DNS name servers
I have sbs 2003 with isa installed on it....... I am doing my own name server work on the same machine.......... I have done it before with regular server... I have my dns and forwarding zones correct, but it does not work with dnsreport............ I know it's an ISA Server issue..
which ports do I need to open up in order for everything to work
domain is microwebok.com
thanks
Mark Williams
Your SBS has two network cards in it.
One would have Public IP and second will have private.
Is your Public IP 66.49.81.150 (on the external NIC)?
Check in DNS properties if it's listening on both interfaces and not just on internal.
ASKER
OK... I did that also...
On the DNS report it says this:
Your NS records at your nameservers are:
[None of your nameservers returned your NS records; they could be down
or unreachable, or could all be lame nameservers
this is info
then a warning:
WARNING: At least one of your nameservers did not return your NS records (it reported 0 answers). This could be because of a referral, if you have a lame nameserver (which would need to be fixed).
66.49.81.150 returns 0 answers (may be a referral)
66.49.81.150 returns 0 answers (may be a referral)
then a few lines down.... a failure..
ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are:
god.microwebok.com.
remote.microwebok.com.
this has to be ISA SERVER.... I should have gotten all this working before I installed it
53 UDP is for regular DNS requests.
However, some systems do resort to using 53 TCP, and 53 TCP is also used for zone transfers.
Hi,
I am assuming it is an ISA Server 2004.
Create a rule on the ISA server, from External and Localhost to External and Localhost, allow DNS (UDP 53).
Thanks
Kumar
Use a sniffer (like Ethereal) to check which ports and protocols your DNS uses (reading the docs or using the nice click&go GUI would be another method :)
The following requirements could be there:
- port 53 UDP, both directions
- TCP port 53 in both directions
- TCP destination port 53 with any local port
- any combination of the above
If you don't know, open UDP port 53 in both directions *and* TCP port 53 in both directions *and* TCP destination port 53 from any local port in both directions.
Also look at your LAT, and make sure you have the default GW on the Public NIC only.
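The replies above name UDP 53 and TCP 53 as the candidates, and the DNS report's "0 answers (may be a referral)" depends on what the server actually sends back. The following is an added example, not part of the thread: it sends a non-recursive NS query over each transport and classifies the reply header. The function names, the constructed reply headers, and the placeholder address `192.0.2.53` and zone `example.test` are assumptions made for illustration.

```python
import socket
import struct

def build_ns_query(name, txid=0x1234):
    """Encode a non-recursive NS query, as sent to an authoritative server."""
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    # Header: id, flags (RD=0), QDCOUNT=1, ANCOUNT, NSCOUNT, ARCOUNT; then QTYPE=NS(2), QCLASS=IN(1)
    return struct.pack("!6H", txid, 0, 1, 0, 0, 0) + qname + struct.pack("!2H", 2, 1)

def classify(response):
    """Interpret the 12-byte DNS header of a reply."""
    if len(response) < 12:
        return "truncated reply"
    _, flags, _, ancount, nscount, _ = struct.unpack("!6H", response[:12])
    rcode, authoritative = flags & 0x000F, bool(flags & 0x0400)
    if rcode:
        return f"error rcode={rcode}"
    if ancount and authoritative:
        return f"authoritative answer ({ancount} records)"
    if not ancount and nscount and not authoritative:
        return "referral: 0 answers, server is not authoritative for the zone"
    return f"unexpected reply (answers={ancount}, aa={authoritative})"

def probe(server, name, proto, timeout=3.0):
    """Send the query over 'udp' or 'tcp' port 53 and classify the outcome."""
    query = build_ns_query(name)
    try:
        if proto == "udp":
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(query, (server, 53))
                return classify(s.recvfrom(4096)[0])
        with socket.create_connection((server, 53), timeout=timeout) as s:
            # DNS over TCP prefixes each message with a 2-byte length
            s.sendall(struct.pack("!H", len(query)) + query)
            reader = s.makefile("rb")
            (length,) = struct.unpack("!H", reader.read(2))
            return classify(reader.read(length))
    except (OSError, struct.error) as exc:
        return f"no reply ({type(exc).__name__}): port 53/{proto} blocked or server down"

# Constructed reply headers (not captured traffic): QR+AA with 2 answers, and a referral.
CONSTRUCTED_AUTHORITATIVE = struct.pack("!6H", 0x1234, 0x8400, 1, 2, 0, 0)
CONSTRUCTED_REFERRAL = struct.pack("!6H", 0x1234, 0x8000, 1, 0, 2, 2)

if __name__ == "__main__":
    print(classify(CONSTRUCTED_AUTHORITATIVE))
    print(classify(CONSTRUCTED_REFERRAL))
    # Live check from a host outside the firewall (placeholder address and zone):
    # for proto in ("udp", "tcp"): print(proto, probe("192.0.2.53", "example.test", proto))
```

A "no reply" on one transport but not the other points at the firewall rule for that protocol; a referral on both means the packets get through and the zone data on the server is the thing to check.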
ASKER
I actually had my registrar do my DNS.. but still had problems doing other things with ISA installed. Decided to uninstall it until I get everything working first.. then I'll try to put it on again after my vacation (heading down to the storm in Florida)..... Thanks for your input and I will surely be asking more questions after I get it installed again.
Mark