Re: NSLOOKUP & PING to external targhet NOT working
From: Bruno GUERPILLON (spam_at_gerpion.com)
Date: 09/06/04
- Next message: Jack Pea***: "Re: NSLOOKUP & PING to external targhet NOT working"
- Previous message: Eric Sun [MSFT]: "RE: Relying"
- In reply to: Jo: "NSLOOKUP & PING to external targhet NOT working"
- Next in thread: Jack Pea***: "Re: NSLOOKUP & PING to external targhet NOT working"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 6 Sep 2004 17:03:20 +0200
Jo wrote:
> Hy!
> i have this problem.
> NSLOOKUP to external targhet is not working
> PING to external target only works from the isa box and not the
> clients ---------
> i have 2 dc with dns (win2003srv) with the right forwarders pointing
> to out ISP DNS
> i have 1 isa server box (isa2004) win2003srv not dc
> i can ping only form isabox and i can't nslookup to external source
> from internal client unless is pecity the isp dns server as second
> parameter. my internal dns seems not to be able to find sources.
> my dns are configured to use forwarders.
> i have a firewall policy to permit dns and icmp and ping from internal
> network to external.
> in the logging when i ping or nslookup to external source i see the
> requests, they are allowed by the rules i created. but the result is
> connection denied.
> what can be the cause? and the solution?
> thank U
Hi Jo
Concerning PING, an access rule granting Ping from internal to external
should fit (that's what i'm doing usually).
Concerning NSLOOKUP, if the target domain doesnt have a reverse zone,
nslookup would not run correctly (if not at all).
-- Cordialement, Bruno GUERPILLON http://isa.gerpion.com
- Next message: Jack Pea***: "Re: NSLOOKUP & PING to external targhet NOT working"
- Previous message: Eric Sun [MSFT]: "RE: Relying"
- In reply to: Jo: "NSLOOKUP & PING to external targhet NOT working"
- Next in thread: Jack Pea***: "Re: NSLOOKUP & PING to external targhet NOT working"
- Messages sorted by: [ date ] [ thread ]
