Hi Mark,
Did you push the policy after unchecking it? Are there any event log errors?
Ray
From: "Devanney, Mark" <[EMAIL PROTECTED]> Reply-To: Mailing list for discussion of Firewall-1 <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: [FW-1] DNS Zone Transfers Date: Fri, 18 Jun 2004 15:02:31 +0100
using 2000, have unchecked the "udp protocol enforcement" but still cant transfer zones.
i am just using internal dns between subnets, all are ok apart for sites via fw's
all other traffic is normal between sites
Rgds Mark
-----Original Message----- From: Ray [mailto:[EMAIL PROTECTED] Sent: 17 June 2004 20:11 To: [EMAIL PROTECTED] Subject: Re: [FW-1] DNS Zone Transfers
What software are the DNS servers running? NT, 2000, BIND ? If BIND 9, go into SmartDefense and try unchecking its DNS protection.
Looks like your masters are running BIND 9, at least the external ones. Unless you've spoofed the version check, that is. http://www.dnsreport.com/tools/dnsreport.ch?domain=howcogroup.com
Ray
>From: "Devanney, Mark" <[EMAIL PROTECTED]> >Reply-To: Mailing list for discussion of Firewall-1 ><[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: [FW-1] DNS Zone Transfers >Date: Thu, 17 Jun 2004 17:08:38 +0100 > >Hi All, > >Have problem with secondary dns servers trying to do zone transfers with >primary dns servers, sites not connected via checkpoint transfer ok, sites >connected via vpn do not. Have enabled "accept domain name over udp/tcp" >with no changes. dont see any drops in logs. anyone any thoughts > >Rgds >Mark > > >********************************************************************** >Internet Sites: Technical Guide: www.howcogroup.com > > >DISCLAIMER: This e-mail contains proprietary information some or all of >which may be legally privileged. It is for the intended recipient only. >Opinions, conclusions and other information in this message that do not >relate to the official business of Howco Group shall be understood as >neither given nor endorsed by it. >********************************************************************** > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >=================================================
_________________________________________________________________ Stop worrying about overloading your inbox - get MSN Hotmail Extra Storage! http://join.msn.click-url.com/go/onm00200362ave/direct/01/
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
********************************************************************** Internet Sites: Technical Guide: www.howcogroup.com
DISCLAIMER: This e-mail contains proprietary information some or all of which may be legally privileged. It is for the intended recipient only. Opinions, conclusions and other information in this message that do not relate to the official business of Howco Group shall be understood as neither given nor endorsed by it. **********************************************************************
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
_________________________________________________________________ Get fast, reliable Internet access with MSN 9 Dial-up – now 3 months FREE! http://join.msn.click-url.com/go/onm00200361ave/direct/01/
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
