I again apologize if this has been discussed at great length, but I did search the archives and the internet for specific information about this problem.

Regarding: Checkpoint Firewall-1 4.1 SP2, NT 4.0 SP6a
Internal network 10.0.0.0/8

Recently, I was put in charge of the firewall of our company. I restricted all outgoing access except that which was required (ftp, http, https, smtp, pop3). We have a split DNS scheme, with the internal DNS serving our intranet and an external DNS server with legitimate information. These two DNS machines do not replicate information, and are separated by the firewall.

After some struggling with DHCP (finally got that working), now I am noticing in Checkpoint logs that the internal DNS server is trying to contact a.root-servers.net, b.root-servers.net, etc. I did not notice anything about these root-servers in DNS configurations at Phoneboy or Checkpoint's site.

Logs:
Drop Internal_DNS a.root-servers.net UDP Rule16(drop rule) domain-udp

I have a rule that says:
Internal_Net DNS_Servers udp-domain,tcp-domain Accept loglong

BUT I don't have a.root-servers.net, etc. listed in DNS_Servers. Should I? Is this strange?
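The dropped entries quoted in the post, as an added example that is not part of the original message: a small Python checker that reads Check Point style log lines in the layout shown above (action, source, destination, protocol, rule, service) and reports every source that is trying to reach one of the root name servers. The sample lines are constructed for this example; the object names (Internal_DNS, External_DNS, Workstation_1) and rule names other than Rule16 are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample log in the layout quoted in the post:
# action source destination protocol rule(service-name) service
SAMPLE_LOG = """\
Drop Internal_DNS a.root-servers.net UDP Rule16(drop rule) domain-udp
Drop Internal_DNS b.root-servers.net UDP Rule16(drop rule) domain-udp
Accept Internal_DNS External_DNS UDP Rule5(dns forward) domain-udp
Accept Workstation_1 Internal_DNS UDP Rule4(lan dns) domain-udp
Drop Internal_DNS m.root-servers.net TCP Rule16(drop rule) domain-tcp
"""

# One line: action, source, destination, protocol, "RuleNN(comment)", service.
# The rule comment may contain spaces, so it is matched up to the closing paren.
LOG_RE = re.compile(
    r"^(?P<action>\w+)\s+(?P<src>\S+)\s+(?P<dst>\S+)\s+(?P<proto>\w+)\s+"
    r"(?P<rule>Rule\d+\([^)]*\))\s+(?P<service>\S+)$"
)

# The thirteen root servers are named a.root-servers.net .. m.root-servers.net.
ROOT_RE = re.compile(r"^[a-m]\.root-servers\.net$", re.IGNORECASE)


def parse_line(line):
    """Return a dict of the log fields, or None if the line does not match."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def find_root_server_attempts(log_text):
    """Map each source object to the root-server connections it attempted.

    A resolver that shows up here is iterating from the root hints itself
    rather than forwarding to another server, whether or not the firewall
    let the packet through.
    """
    attempts = defaultdict(list)
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None or not ROOT_RE.match(rec["dst"]):
            continue
        attempts[rec["src"]].append((rec["dst"], rec["proto"], rec["action"]))
    return {src: sorted(v) for src, v in attempts.items()}


def summarize(log_text):
    """Human-readable one-line summary per source."""
    lines = []
    for src, hits in sorted(find_root_server_attempts(log_text).items()):
        dropped = sum(1 for _, _, action in hits if action.lower() == "drop")
        lines.append(
            f"{src}: {len(hits)} root-server attempt(s), {dropped} dropped "
            f"-> resolver appears to be recursing from root hints"
        )
    return lines


if __name__ == "__main__":
    for line in summarize(SAMPLE_LOG):
        print(line)
```

In the constructed sample only Internal_DNS turns up, which is the pattern the post describes: a recursive DNS server that has no forwarder configured walks the root hints itself, so its first hop for any name it does not already hold is one of the root servers. The tighter alternative to adding the root servers to DNS_Servers is to configure the internal server to forward to the external DNS server, so the only outbound DNS flow the firewall needs to allow is Internal_DNS to External_DNS.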