Actually, DNS is both TCP and UDP (port 53 for both)
Here's a list of ports in case you need them:
http://www.gdd.net/cisco/tcp
----- Original Message -----
From: Peter Slow <[EMAIL PROTECTED]>
To: Millner, Gary <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, November 06, 2000 5:49 AM
Subject: Re: DNS Problem
> first, dns is only udp.
> dns will establish connections by connecting TO port 53, but will connect from a port >1023.
> just allowing established connections will NOT work.
> dns server that your dns server queries will need to open a connection TO your nameserver.
> you need to find a DNS server that everyone will use, and allow ALL ports >1023 on that dns server to open udp connections to your nameserver.
>
> if you want to learn from this, you need to go to the router with the problem, debug security, and udp / tcp packets (as detailed as possible) and look at what is being denied and how you can fix it.
>
> "Millner, Gary" wrote:
>
> > I have a unique problem. I'm trying to put our firewall up using the Cisco
> > IOS access-list commands. When I put it in place, with TCP and UDP ports 53
> > open, DNS will not work. We are using Windows 2000 Server as our DNS
> > Server. Is there a bug in Windows 2000? Or does Windows 2000 use an
> > additional port for DNS that I'm not aware of.
> >
> > Thanks.
> >
> > Gary Millner
> > [EMAIL PROTECTED]
> >
> > _________________________________
> > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
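
The filtering problem discussed in this thread, as an added example that is not part of the original messages: a simplified model of a stateless, first-match access list with an implicit deny, applied to traffic arriving at the internal name server. The rule and packet names are hypothetical, the addresses are constructed from documentation ranges, and `established` is modeled only as "TCP segment with ACK set".

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    proto: str          # "udp" or "tcp"
    src: str            # source address
    sport: int
    dport: int
    ack: bool = False   # TCP ACK flag; never set on UDP

@dataclass(frozen=True)
class Rule:             # a permit entry; anything unmatched is denied
    proto: str
    src: str = "any"
    sport: str = "any"  # "any", "eq N" or "gt N"
    dport: str = "any"
    established: bool = False  # only matches TCP segments carrying ACK

def port_ok(spec, port):
    if spec == "any":
        return True
    op, value = spec.split()
    return port == int(value) if op == "eq" else port > int(value)

def permitted(acl, pkt):
    """First matching permit wins; falling off the end is the implicit deny."""
    for r in acl:
        if r.proto != pkt.proto or r.src not in ("any", pkt.src):
            continue
        if not (port_ok(r.sport, pkt.sport) and port_ok(r.dport, pkt.dport)):
            continue
        if r.established and not pkt.ack:
            continue
        return True
    return False

UPSTREAM = "192.0.2.53"  # constructed address of the resolver we query
PORT53_ONLY = [Rule("udp", dport="eq 53"), Rule("tcp", dport="eq 53")]
WITH_ESTABLISHED = PORT53_ONLY + [Rule("tcp", established=True)]
WITH_REPLY_RULE = WITH_ESTABLISHED + [
    Rule("udp", src=UPSTREAM, sport="eq 53", dport="gt 1023")]

# Constructed sample traffic arriving at our name server.
client_query = Packet("udp", "198.51.100.7", 40000, 53)   # someone asks us
udp_reply = Packet("udp", UPSTREAM, 53, 3456)             # answer to our query
tcp_reply = Packet("tcp", UPSTREAM, 53, 3457, ack=True)   # answer over TCP
other_udp = Packet("udp", "203.0.113.9", 53, 3456)        # not our upstream
```

Opening only destination port 53 lets queries in but drops the UDP answers to the server's own lookups, and the TCP-only `established` match does not help until a rule for UDP replies from the chosen upstream server is added.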