ScreenOS Firewalls (NOT SRX)
ScreenOS Firewalls (NOT SRX)

Route Baed VPN DNS Resolution problems

‎01-13-2011 02:36 PM

We have established a VPN tunnel between a SRX and SSG. Clients a in site A and DNS Server is in site B. The DNS server ip is use at the clients in site A. We can ping alle remote hosts and nslookup is working.

 

We have trouble to ping DNS names and can't resolve any names with IE or ping e.g.! I didn't know why nslookup is working and ping and IE can't resolve any names!

2 REPLIES 2
ScreenOS Firewalls (NOT SRX)

Re: Route Baed VPN DNS Resolution problems

‎01-13-2011 04:47 PM

Hi,

 

If you can ping the DNS server, I would try to telnet into port 53.  If you don't get a connection, it may be a policy.  I would also try to run some nslookups using something else.  For example (windows):

 

nslookup

server 4.2.2.2

yahoo.com

 

-John

John Judge
JNCIS-SEC, JNCIS-ENT,

If this solves your problem, please mark this post as "Accepted Solution". Kudos are appreciated.
ScreenOS Firewalls (NOT SRX)

Re: Route Baed VPN DNS Resolution problems

‎01-16-2011 02:37 PM

Hi

 

You may want to allow netbios traffic as well.

 

Ta

 

Jude