Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

SBS 2O08 Non Domain Users use DNS

Posted on 2010-09-07
9
734 Views
Last Modified: 2012-05-10
Hi,

I have an issue with SBS 2008 whereby non domain users (visiting users), get DHCP allocated, but DNS does not work for them. (they are allocated the correct IP of the DC for DNS)

I have my ISP's DNS servers setup as forwarders, and it's working for domain users.

How do I set SBS to allow non domain systems access to DNS?

Thanks!
0
Comment
Question by:radiosupport
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 15

Expert Comment

by:Dave_AND
ID: 33616187
As far as I am aware, there is no way to do this, when a PC connects to the network, could you do a an nslookup in a cmd window please? see what response you get?
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 33623025
DNS is by default a non-authenticated protocol. Non-domain machines can make requests against the DNS server just as easily as the domain machines. If this isn't working then you likely have another issue, such as firewall rules, causing problems.
-Cliff
 
0
 

Author Comment

by:radiosupport
ID: 33624827
Thanks.. it's very strange, an NSLOOKUP resolves google.com to the correct IP, so it's the traffic that isnt being passed through the ASA 5505 for some reason! A reboot of the router seems to fix this. Any ideas??
0
Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 33632282
Not without taking a detailed look at your network and firewall rules, sorry.
-Cliff
 
0
 
LVL 15

Expert Comment

by:Dave_AND
ID: 33634572
So there is some reason for the firewall to block traffic, sadly im not a Cisco person, but with watchguard it is able to block IPs due to behaviour  like port scans, virus's etc. Is there a way to look at blocked IPs within the ASA500? Worth a look.
0
 
LVL 3

Expert Comment

by:scraane
ID: 33635773
How many people is your ASA5505 licenced for? If you have more that x number IP addresses accessing the internet, it will block all above your ASA limit.

Do a 'show local' on the asa to see the number of active sessions. Do a 'show ver' to see the license.
0
 

Author Comment

by:radiosupport
ID: 33635797
Thank  you. I bet this is the issue.. I can't see a "show local", I'm using ASDM 6. Any ideas?
0
 
LVL 3

Accepted Solution

by:
scraane earned 500 total points
ID: 33635833
It is on the commandline. telnet to your asa and use the command. You can also send commandline commands through the ASDM. I think it is on the TOOLS menu.
0
 

Author Comment

by:radiosupport
ID: 33635865
Thank you. This is the issue indeed. Many thanks.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question