Internal NDS

**awangatb00** · 06-18-2008, 07:58 PM

Hi,

Just upgraded to 5.2 from 5.???? (old version were network config was java based)

I had/have an issue. After the upgrade everything worked fine. About 2 hours after upgrading internal DNS stopped working. All my PC's are DHCP and point to the untangle server for DNS and it just stopped answering.

I got on the untangle box and from a terminal window and was able to nslookup just fine but from any of my PC's behind the untangle server would not get any response from the untangle server.

I turned off Intrusion Prevention, Virus Blocker, and Spyware blocker. After this things started working. I have Turned these back on and Turned off Attack Blocker seeing that some other thread said something about that causing DNS issues.

One other thing to note that I am not sure has any affect is that I host my own DNS from a server behind the untangle box.

Anyone have any ideas why this happened and what I can do to stop it from happening again.

**awangatb00** · 06-18-2008, 08:13 PM

I thought everything was back and working but my Vista system still can not get DNS to work.

**Silver Bullet** · 06-18-2008, 08:20 PM

Are you forwarding name queries to the Untangle server or is your internal DNS server resolving from the root servers?

**awangatb00** · 06-18-2008, 08:38 PM

All the root request go to the untangle server. I even have my local DNS server setup to forward to the untangle box.

What DNS is used in untangle? When I run a "ps -ef | grep name" I do not get anything back.

Also sorry I am tired and jumping to conclusion.

I can not get any nslookups to work from any system but for some reason my Windows XP system still can get to things like www.google.com anf forums.untangle.com

**Silver Bullet** · 06-18-2008, 08:40 PM

Go to Advanced mode in alpaca and then go into the Packet Filter and make sure that you are allowing access to the local DNS server in the "System Packet Filter Rules"

**awangatb00** · 06-18-2008, 08:56 PM

Think I got it and I did not have to go that far.

Under port forwarding I had a rule that worked in the old version that just forwarded everything to port 53 of my DNS server. Some how that worked.

In the new version it looks like it made a loop.

PC ---Port 53---------------> Untangle ------------> Internal DNS --------> Untangle -------> Internal DNS ------> Untangle --------> ...............

I went and changed my port forward rule only to apply to the external interface and now all nslookups work and my Vista system works as well.

Not 100% sure but I think this is/was the problem.

Protect

Filter

Perform

Connect

Manage

Add-Ons

Thread: Internal NDS

LinkBack

Thread Tools

Internal NDS

Posting Permissions