Solved

SBS 2O08 Non Domain Users use DNS

Posted on 2010-09-07
9
733 Views
Last Modified: 2012-05-10
Hi,

I have an issue with SBS 2008 whereby non domain users (visiting users), get DHCP allocated, but DNS does not work for them. (they are allocated the correct IP of the DC for DNS)

I have my ISP's DNS servers setup as forwarders, and it's working for domain users.

How do I set SBS to allow non domain systems access to DNS?

Thanks!
0
Comment
Question by:radiosupport
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 15

Expert Comment

by:Dave_AND
ID: 33616187
As far as I am aware, there is no way to do this, when a PC connects to the network, could you do a an nslookup in a cmd window please? see what response you get?
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 33623025
DNS is by default a non-authenticated protocol. Non-domain machines can make requests against the DNS server just as easily as the domain machines. If this isn't working then you likely have another issue, such as firewall rules, causing problems.
-Cliff
 
0
 

Author Comment

by:radiosupport
ID: 33624827
Thanks.. it's very strange, an NSLOOKUP resolves google.com to the correct IP, so it's the traffic that isnt being passed through the ASA 5505 for some reason! A reboot of the router seems to fix this. Any ideas??
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 33632282
Not without taking a detailed look at your network and firewall rules, sorry.
-Cliff
 
0
 
LVL 15

Expert Comment

by:Dave_AND
ID: 33634572
So there is some reason for the firewall to block traffic, sadly im not a Cisco person, but with watchguard it is able to block IPs due to behaviour  like port scans, virus's etc. Is there a way to look at blocked IPs within the ASA500? Worth a look.
0
 
LVL 3

Expert Comment

by:scraane
ID: 33635773
How many people is your ASA5505 licenced for? If you have more that x number IP addresses accessing the internet, it will block all above your ASA limit.

Do a 'show local' on the asa to see the number of active sessions. Do a 'show ver' to see the license.
0
 

Author Comment

by:radiosupport
ID: 33635797
Thank  you. I bet this is the issue.. I can't see a "show local", I'm using ASDM 6. Any ideas?
0
 
LVL 3

Accepted Solution

by:
scraane earned 500 total points
ID: 33635833
It is on the commandline. telnet to your asa and use the command. You can also send commandline commands through the ASDM. I think it is on the TOOLS menu.
0
 

Author Comment

by:radiosupport
ID: 33635865
Thank you. This is the issue indeed. Many thanks.
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I wrote this article to explain some important DNS concepts that should be known to avoid some typical configuration errors I often see in forums. I assume that what is described here is the typical behavior of Microsoft DNS client. I don't know …
Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question