Screen OS

last person joined: 7 months ago 

This is a legacy community with limited Juniper monitoring.
  • 1.  SSG5 DNS

    Posted 08-27-2009 09:12

    Hi All,

     

    This is my 3rd site to site installation of SSG5s' working over VPN.  This time however, I've come across a bit of a problem with one of the units.  

     

    Basically, the installation at the satellite office was not successful due to some sort of DNS problem with one of the routers in particular.  All of the interfaces are default ; ie 0/0 untrusted, 0/2-6 trusted.  I double checked that I had correct settings for gateway, DNS, etc but was unable to resolve any hostnames by FQDN.  What was odd though is I was able to ping by IP address, even resolve hostname with IP:80 in browser.  My feeling was that the router is defective so I flashed it with the latest stable firmware hoping that would resolve the problem.  The flashing was successful but after that I could not access the device through webui, so I attempted a reset with the pin - got the red light etc and it supposedly reset.  Now I cannot access the device at all.  

     

    As a note, the unit that I setup at our home office took less than a minute to configure and is working great.  The only difference was that we have a dedicated DNS server here, as opposed to at our satellite office where I was hoping to use the SSG5 to handle DNS.

     

    Any ideas? 

     

     



  • 2.  RE: SSG5 DNS
    Best Answer

    Posted 08-27-2009 11:26
    If you want the ssg to handle the dns you'll have to configure dns proxy setting. use * for domain and resolve to an externaal dns server. Then enable dns proxy on bgroup0. Why the device is unreachable I can't tell from your info. Does things look well when you use the console ? (get sys get int etc)


  • 3.  RE: SSG5 DNS

    Posted 08-27-2009 12:26
    Worked like a charm - thanks for your help.


  • 4.  RE: SSG5 DNS

    Posted 08-27-2009 13:29
    You're wellcome!