Solved

Watchguard Firewall in Server 2003 Environment - DNS Issues

Posted on 2007-07-26
Last Modified: 2013-11-16
I'm having DNS woes with my newly installed Server 2003 environment.  We have a workgroup network that connects to our Watchguard Firewall via static address.  The firewall has interface0 set to internet and interface1 set to our internal network (192.168.1.0/24).  Interface0 is set to (192.168.1.1).

All desktops are configured static to connect to it.  The configuration on each machine would be similar to:
IP: 192.168.1.105
Subnet: 255.255.255.0
Gateway: 192.168.1.1
DNS: 4.2.2.2

This week I installed a Windows Server 2003 rack server, started a domain, and made it the DC.  It is set as follows:
IP: 192.168.1.2
Subnet: 255.255.255.0
Gateway: 192.168.1.2
DNS: 127.0.0.1

Now, my clients have to choose a different gateway and DNS to choose either internet or server access.  I've tried having them point to the server's address as Gateway and DNS, as I have installed DNS on the server and set forwarding to send requests to the 192.168.1.1 or 4.2.2.2 address.  So far, I have been unlucky.  Anyone know what may be going wrong?

THANKS!
0
Question by:jaelae
4 Comments
 
LVL 8

Expert Comment

by:thenone
ID: 19576172
Do you have the Watchguard as a DNS server?
0
 

Author Comment

by:jaelae
ID: 19577554
No.  I have not seen any option to enable it as a DNS server.  Only to forward requests to other ones.

This is a Firebox Core x1250e
0
 
LVL 13

Accepted Solution

by:
hstiles earned 2000 total points
ID: 19578122
Most likely problems are that you don't have a rule to allow outbound DNS from your Windows 2003 Server to the Internet.  Don't use the Firebox as a forwarder.  It should be one of your ISP's resolvers.  Alternatively, if you don't know the address for the forwarders, simply remove them and the Windows 2003 server will use recursive lookups and query the relevant root servers.

Your clients need to use the Windows 2003 as sole DNS server.  Simply leave the second DNS server box blank.  DO NOT use the Firebox as secondary DNS.  DNS is critical to the normal operation of an AD domain.
0
 

Author Comment

by:jaelae
ID: 19578600
Thanks for the advice.  I must have overthought this and made all the wrong changes.  I left the clients set to the Server as the DNS server (and did the same on the server) - but I set the default gateway on both to the router.  This seemed to fix it all as I can access all network resources, and I am able to access DNS-based internet sites.

Thanks!
0
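
The thread's outcome can be expressed as a check over each host's static settings. The Python below is an added example, not code from any participant. It audits the addresses quoted in the question against two rules: the default gateway must be the router, and the only DNS server must be the Windows 2003 DC. The dictionary layout, the finding codes and the `AFTER` values (one reading of the final comment) are assumptions of this example.

```python
import ipaddress

ROUTER = "192.168.1.1"   # firewall's internal address, as quoted in the thread
DC = "192.168.1.2"       # Windows 2003 domain controller running DNS

# Static settings as posted in the question (dict layout is this example's own).
BEFORE = {
    "desktop": {"ip": "192.168.1.105", "mask": "255.255.255.0",
                "gateway": "192.168.1.1", "dns": ["4.2.2.2"]},
    "server":  {"ip": "192.168.1.2", "mask": "255.255.255.0",
                "gateway": "192.168.1.2", "dns": ["127.0.0.1"]},
}
# Settings after the change described in the final comment (assumed reading).
AFTER = {
    "desktop": dict(BEFORE["desktop"], dns=[DC]),
    "server":  dict(BEFORE["server"], gateway=ROUTER),
}

def audit(cfg, router=ROUTER, dc=DC):
    """Return a list of finding codes for one host's static IP settings."""
    findings = []
    net = ipaddress.ip_network(f"{cfg['ip']}/{cfg['mask']}", strict=False)
    if ipaddress.ip_address(cfg["gateway"]) not in net:
        findings.append("gateway-off-subnet")
    if cfg["gateway"] == cfg["ip"]:
        findings.append("gateway-is-self")      # host cannot route off-subnet
    elif cfg["gateway"] != router:
        findings.append("gateway-not-router")
    # The DC may name itself by loopback; every other host must use the DC only.
    allowed = {dc, "127.0.0.1"} if cfg["ip"] == dc else {dc}
    if not cfg["dns"]:
        findings.append("dns-missing")
    for resolver in cfg["dns"]:
        if resolver not in allowed:
            findings.append(f"dns-not-dc:{resolver}")
    return findings

def audit_all(hosts):
    """Audit every host in a name -> settings mapping."""
    return {name: audit(cfg) for name, cfg in hosts.items()}

if __name__ == "__main__":
    for label, hosts in (("before", BEFORE), ("after", AFTER)):
        for name, findings in audit_all(hosts).items():
            print(label, name, findings or "ok")
```
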

Question has a verified solution.
