Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

DNS Forwarders

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Network Infrastructure >> DNS Forwarders Page: [1]
Login
Message << Older Topic   Newer Topic >>
DNS Forwarders - 19.Feb.2008 4:07:59 PM   
gruSP

 

Posts: 7
Joined: 8.Feb.2008
Status: offline 		Does this even work??? I have a domain in a forest. DNS has to see the other domains. When setting up DNS forwarding, the last step was to set the default GW on the DNS Server to the internal address of the ISA. IF we do that we won't see the other domains.

The ISA has 2 NICs and all traffic came to a screeching halt when we tried to use the DNS Forwarders. We did NOT change the default gateway on the DNS Server(s). The only way I can get DNS to work both publicly and privately is to program DNS Settings on both interfaces. I was trying to get away from that as good practice or at least what I thought was good practice.

I also want to point out that I setup a DNS Forwarder rule as well that allowed the DNS Server out of the External Interface. I just kept getting error 11001.

Any help?
Post #: 1
RE: DNS Forwarders - 26.Feb.2008 5:29:08 PM   
pwindell

 

Posts: 782
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline 		If the ISA was the DFG of the DNS Server,...and assuming that is correct according to the LAN's overall design and doesn't conflict with the LAN's routing scheme,...then the only conclusion is that you did something wrong when creating the Access Rule for the outbound DNS queries.

To have one Domain "see" other Domains,...that depends

Single Forest with multiple Domains,...you do nothing,...the Forest Replication makes every DNS have perfectly synced Zones with all the other DNSs in the Forest.

Multiple Forests with Trusts between them,...you have to use Zone Transfers to make every DNS "aware" of the Zones in all the other DNSs.  The Zone Transfers operate as a "form" of replication to make up for the fact that normal Replication only occurs within a Forest.

_____________________________

Phillip Windell
www.wandtv.com

(in reply to gruSP)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Network Infrastructure >> DNS Forwarders Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts