Can not thank the responder enough for the quick response. DNS works in the machine, as is evidenced by success of nslookup, host commands and successful browsing.
I am attaching the ipchain output. 192.168.5.2 is the NAS, 192.168.5.3 is the radius server. Chain input (policy ACCEPT): target prot opt source destination ports ACCEPT all ------ anywhere anywhere n/a ACCEPT tcp !y---- anywhere 192.168.5.0/24 any -> any DENY all ------ 10.0.0.0/8 192.168.5.0/24 n/a DENY all ------ 127.0.0.0/8 192.168.5.0/24 n/a DENY all ------ 172.16.0.0/12 192.168.5.0/24 n/a DENY all ------ 192.168.0.0/16 192.168.5.0/24 n/a DENY tcp ----l- anywhere 192.168.5.0/24 any -> 31337 DENY udp ----l- anywhere 192.168.5.0/24 any -> 31337 DENY tcp ----l- anywhere 192.168.5.0/24 any -> 12345:12346 DENY udp ----l- anywhere 192.168.5.0/24 any -> 12345:12346 DENY tcp ----l- anywhere 192.168.5.0/24 any -> ingreslock DENY tcp ----l- anywhere 192.168.5.0/24 any -> 27665 DENY udp ----l- anywhere 192.168.5.0/24 any -> 27444 DENY udp ----l- anywhere 192.168.5.0/24 any -> 31335 DENY all ------ BASE-ADDRESS.MCAST.NET/8 anywhere n/a DENY all ------ anywhere BASE-ADDRESS.MCAST.NET/8 n/a DENY all ------ 203.190.34.0/24 anywhere n/a DENY udp ------ anywhere anywhere any -> bootps:bootpc ACCEPT tcp ------ 192.168.5.0/24 192.168.5.0/24 any -> http REJECT tcp ------ anywhere 192.168.5.0/24 any -> auth REJECT udp ------ anywhere 192.168.5.0/24 any -> auth DENY tcp ------ anywhere anywhere any -> netbios-ns:netbios-ssn DENY udp ------ anywhere anywhere any -> netbios-ns:netbios-ssn REJECT udp ------ anywhere anywhere any -> router DENY tcp ----l- anywhere anywhere any -> nfs DENY udp ----l- anywhere anywhere any -> nfs DENY tcp ------ anywhere anywhere any -> cvsup:6003 DENY udp ------ anywhere anywhere any -> cvsup:6003 ACCEPT tcp ------ 192.168.5.2 anywhere any -> radius ACCEPT udp ------ 192.168.5.2 anywhere any -> radius ACCEPT tcp ------ 192.168.5.2 anywhere any -> radius-acct ACCEPT udp ------ 192.168.5.2 anywhere any -> radius-acct ACCEPT icmp ------ anywhere 192.168.5.0/24 any -> any ACCEPT tcp ------ anywhere 192.168.5.0/24 any -> 1023:65535 ACCEPT udp ------ anywhere 192.168.5.0/24 any -> 1023:65535 DENY all ----l- anywhere anywhere n/a Chain forward (policy DENY): Chain output (policy ACCEPT): target prot opt source destination ports ACCEPT all ------ anywhere anywhere n/a ACCEPT icmp ------ 192.168.5.0/24 anywhere any -> any ACCEPT all ------ anywhere anywhere n/a - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
