Re: How to setup DNS
From: Yossi Attas [MSFT] (yossia_at_online.microsoft.com)
Date: 09/08/04
- Next message: Rising: "Configuration !!"
- Previous message: Yossi Attas [MSFT]: "Re: Unidentified IP Traffic"
- In reply to: Patrick Tang: "Re: How to setup DNS"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 8 Sep 2004 11:14:26 +0300
The scenario is also described in the ISA 2004 secure deployment guide.
http://download.microsoft.com/download/c/e/c/cecc8742-2102-42d4-9fc7-6b641bebbf56/ISASecurityGuide.doc
If you like step by step document i think you'd like the "DNS Servers"
section.
Thanks.
-- Yossi Attas [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights. "Patrick Tang" <PatrickTang@discussions.microsoft.com> wrote in message news:07DE5CD6-8229-4409-BCA8-D2E074EC17D1@microsoft.com... > Hi Bruno, > > My english is not good enough too, so never mind. > > To install DNS on ISA just because I read another article and I just > follow > that. (Please note, I am a dummy user). So is it any where I can find a > step-by-step guide on how to setup the whole thing (similiar to my > situation > would be nice). As even I understand your point, I still not familiar how > to > do the configuration (step-by-step). > > Regards, > Patrick > Patrick > > "Bruno GUERPILLON" wrote: > >> Patrick Tang wrote: >> | Hi Bruno, >> | >> | Thanks for your reply, however I think I didn't ask the question >> | clearly, your answer is yet to apply. >> | >> | My situation is I have two computers, one has AD and DNS setup, >> | another one has 2000 server and ISA setup, they are only linked but >> | not domain relationship yet. As you know when you setup AD, DNS will >> | config. automatically (both forward and reverse zone). But on the >> | ISA machine, no DNS setup/install yet, then I have to install DNS. >> | At this time there is one DNS service on each machine, right? On the >> | ISA machine, I could config. forward zone for internal NIC & external >> | NIC, **Question is what do I have to do for the reverse zone here?** >> | At the same time **What do I have to config for the AD machine's DNS >> | reverse zone** So therefore, the internal network can handle by the >> | AD machine and external handle by the ISA server. (tell me if this >> | concept is wrong.) >> | >> | Help you can help me. BTW, what is "FAI DNS" that you mention? >> | >> | Regards, >> | Patrick >> | >> >> Hi Patrick >> The question is : why install DNS on ISA too ? >> Of course, AD need DNS but what's the goal to install DNS on ISA ? If you >> configure external NIC with ISP DNS (really really sorry for FAI, FAI >> stand >> for ISP, FAI is french /cough), the ISA can act as a DNS proxy, i'm ok. >> The other question is : do you want to host / publish your own DNS ? >> I think there is a misconception about DNS. >> Correct me if i'm wrong. >> You dont want to have your edge ISA as a domain member. Anyway, you want >> your domain member to access Internet via ISA. >> So, just install DNS on the CD (if not, no AD i agree) and configure ISA >> to >> grant DNS access for the internal DNS. >> I agree my english isnt that perfect but i hope you will understand what >> i >> mean :p >> >> >> | "Bruno GUERPILLON" wrote: >> | >> || PatrickTang wrote: >> ||| Hi everyone, I would like to setup one AD server and one ISA server >> ||| (seperate machine), I've looking for advice around and people said, >> ||| I need to setup DNS on both server, obviously, the ISA server should >> ||| handle external IP/DNS, but I wonder which one should handle for >> ||| internal DNS. >> ||| >> ||| In the forward zone of ISA server's DNS, I have both internal and >> ||| external IPs, what about the reverse zone? what goes in there? And >> ||| what about the AD server's DNS, what should be in forward and >> ||| reverse zone? >> ||| >> ||| If both server on one machine, I know I only have to deal with the >> ||| "forwarder" in DNS, but now, I really confuse!! >> || >> || Hi Patrick >> || >> || So, if you have DNS and ISA on different computers, here are the >> || things i like to do. >> || 1 - install DNS on a LAN comp, configure reverse zone, redirector >> || are your FAI DNS IPs. >> || 2 - DCPROMO your CD, follow wizard >> || 3 - Install ISA, do it member of domain following your goals / >> || infrastructure. >> || 4 - Configure internal ISA NIC to be DNS client of your internal DNS >> || 5 - Configure a protocole rule (access rule if ISA2K4) to grant DNS >> || resolution only to the internal DNS Server. >> || 6 - Configure all clients to use internal DNS >> || >> || This way, you control who can do external DNS resolution (here, only >> || the internal DNS server). >> || >> || I hope it helps >> || >> || Regards >> || >> || >> || >> || -- >> || Tenez nous au courant >> || >> || cordialement, >> || >> || Bruno GUERPILLON >> || http://isa.gerpion.com >> >> -- >> Tenez nous au courant >> >> cordialement, >> >> Bruno GUERPILLON >> http://isa.gerpion.com >> >> >>
- Next message: Rising: "Configuration !!"
- Previous message: Yossi Attas [MSFT]: "Re: Unidentified IP Traffic"
- In reply to: Patrick Tang: "Re: How to setup DNS"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
