Solved

SBS 2O08 Non Domain Users use DNS

Posted on 2010-09-07
9
735 Views
Last Modified: 2012-05-10
Hi,

I have an issue with SBS 2008 whereby non domain users (visiting users), get DHCP allocated, but DNS does not work for them. (they are allocated the correct IP of the DC for DNS)

I have my ISP's DNS servers setup as forwarders, and it's working for domain users.

How do I set SBS to allow non domain systems access to DNS?

Thanks!
0
Comment
Question by:radiosupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 15

Expert Comment

by:Dave_AND
ID: 33616187
As far as I am aware, there is no way to do this, when a PC connects to the network, could you do a an nslookup in a cmd window please? see what response you get?
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 33623025
DNS is by default a non-authenticated protocol. Non-domain machines can make requests against the DNS server just as easily as the domain machines. If this isn't working then you likely have another issue, such as firewall rules, causing problems.
-Cliff
 
0
 

Author Comment

by:radiosupport
ID: 33624827
Thanks.. it's very strange, an NSLOOKUP resolves google.com to the correct IP, so it's the traffic that isnt being passed through the ASA 5505 for some reason! A reboot of the router seems to fix this. Any ideas??
0
Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 33632282
Not without taking a detailed look at your network and firewall rules, sorry.
-Cliff
 
0
 
LVL 15

Expert Comment

by:Dave_AND
ID: 33634572
So there is some reason for the firewall to block traffic, sadly im not a Cisco person, but with watchguard it is able to block IPs due to behaviour  like port scans, virus's etc. Is there a way to look at blocked IPs within the ASA500? Worth a look.
0
 
LVL 3

Expert Comment

by:scraane
ID: 33635773
How many people is your ASA5505 licenced for? If you have more that x number IP addresses accessing the internet, it will block all above your ASA limit.

Do a 'show local' on the asa to see the number of active sessions. Do a 'show ver' to see the license.
0
 

Author Comment

by:radiosupport
ID: 33635797
Thank  you. I bet this is the issue.. I can't see a "show local", I'm using ASDM 6. Any ideas?
0
 
LVL 3

Accepted Solution

by:
scraane earned 500 total points
ID: 33635833
It is on the commandline. telnet to your asa and use the command. You can also send commandline commands through the ASDM. I think it is on the TOOLS menu.
0
 

Author Comment

by:radiosupport
ID: 33635865
Thank you. This is the issue indeed. Many thanks.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question