SBS 2O08 Non Domain Users use DNS

Hi,

I have an issue with SBS 2008 whereby non domain users (visiting users), get DHCP allocated, but DNS does not work for them. (they are allocated the correct IP of the DC for DNS)

I have my ISP's DNS servers setup as forwarders, and it's working for domain users.

How do I set SBS to allow non domain systems access to DNS?

Thanks!
radiosupportAsked:
Who is Participating?
 
scraaneConnect With a Mentor Commented:
It is on the commandline. telnet to your asa and use the command. You can also send commandline commands through the ASDM. I think it is on the TOOLS menu.
0
 
Dave StringfellowIT managerCommented:
As far as I am aware, there is no way to do this, when a PC connects to the network, could you do a an nslookup in a cmd window please? see what response you get?
0
 
Cliff GaliherCommented:
DNS is by default a non-authenticated protocol. Non-domain machines can make requests against the DNS server just as easily as the domain machines. If this isn't working then you likely have another issue, such as firewall rules, causing problems.
-Cliff
 
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
radiosupportAuthor Commented:
Thanks.. it's very strange, an NSLOOKUP resolves google.com to the correct IP, so it's the traffic that isnt being passed through the ASA 5505 for some reason! A reboot of the router seems to fix this. Any ideas??
0
 
Cliff GaliherCommented:
Not without taking a detailed look at your network and firewall rules, sorry.
-Cliff
 
0
 
Dave StringfellowIT managerCommented:
So there is some reason for the firewall to block traffic, sadly im not a Cisco person, but with watchguard it is able to block IPs due to behaviour  like port scans, virus's etc. Is there a way to look at blocked IPs within the ASA500? Worth a look.
0
 
scraaneCommented:
How many people is your ASA5505 licenced for? If you have more that x number IP addresses accessing the internet, it will block all above your ASA limit.

Do a 'show local' on the asa to see the number of active sessions. Do a 'show ver' to see the license.
0
 
radiosupportAuthor Commented:
Thank  you. I bet this is the issue.. I can't see a "show local", I'm using ASDM 6. Any ideas?
0
 
radiosupportAuthor Commented:
Thank you. This is the issue indeed. Many thanks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.