Actually what my problem was was that I had a more restrictive RA Filter processing before the RA Filters for DNS so they weren't even being processed at all. (That's from GTA Tech support- Thanks Blake) I did like he suggested and moved the more restrictive filter lower on the list and thus causing the DNS filters to process first. That seems to have done the trick.
Thanks for all your input. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Paul Emerson Sent: Tuesday, August 08, 2000 10:17 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: PC's on PRO network cannot access DNS server on PSN --------------------- Attention ----------------------------- Online GNAT Box User Forum is Now Open Click the Register link and sign up today http://www.gnatbox.com/cgi-bin/Ultimate.cgi ------------------------------------------------------------- Send postings to: [EMAIL PROTECTED] Access the list archives at: http://www.gnatbox.com/gb-users/ ------------------------------------------------------------- 1. What does the log/console show when you attempt to access the DNS server on the PSN from the PROtected network? Do you get a block? 2. If you are attempting to access the DNS server using the external IP address you should look at your Remote Access filters for DNS. You most likely have "EXT" for the interface. When you attempt to access an inbound tunnel from the Protected network the packet actually arrives on the "PRO" NIC. So change your filter to accept connections from "ANY" network interface. 3. If you are trying to access a DNS server on the PSN from the PROtected network it is best to use the "Real" IP address of the server, (e.g. 192.168.1.15) not the External IP used for the tunnel. 4. Does your Outbound filters allow DNS queries to flow outbound? Paul >I have set up the tunnels and remote access filters exactly how the example >is set up and the PC's on the Protected network cannot get to the DNS >servers either by its EXTERNAL IP address or by its IP address on the PSN. > >The PC's can ping the server so I know that's not it. > >I have opened up BOTH TCP and UDP ports 53 in both the inbound tunnels and >remote access filters. > >Any suggestions? I would appreciate them since I have been up all night >working on this. > >Thanks. > >Steve Parker >Senior Systems Administrator >USdata1 >248-668-9777 office >[EMAIL PROTECTED] > >---------------------------------------------- >To Unsubscribe: send mail to [EMAIL PROTECTED] >with "unsubscribe gb-users your_email_address >in the body of the message -- ---------------------------------------------------------------------------- Paul Emerson Tel: +1.407.380.0220 x106 Global Technology Associates, Inc. Fax: +1.407.380.6080 3505 Lake Lynda Drive Mobile: +1.407.310.8563 Suite 109 Email: [EMAIL PROTECTED] Orlando, Florida 32817 USA Web: http://www.gta.com Mobile Email: [EMAIL PROTECTED] ---------------------------------------------------------------------------- ---------------------------------------------- To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe gb-users your_email_address in the body of the message
