Hello Greg, It was actually the allow-query directive that you noted in your previous email.
Thanks for your help! On Fri, Feb 15, 2013 at 2:11 PM, Gregory Sloop <[email protected]> wrote: > -SNIP- > > > > --- > Provided the nslookup trace show that the server you expect isn't > giving answers, rather than some other problem... > > Is BIND configured to answer queries from hosts in the IP > block that the station is in? [See listen-on and allow-query in BIND > docs] > > The server can answer queries from the Windows workstation. This vpn > resolution test verifies this: > > Just to be sure the Windows workstation is using the correct DNS, I alter > the record for my vpn server to a nonsense IP of 1.2.3.4... > > But it's authoritative for that zone. [It has to answer (practically), by > definition, for auth zones.] > That doesn't mean it's going to answer queries for just anyone for zones > it's not authoritative for. > > I'm no BIND guru, but I think if you do some searches you'll find there > are options/changes that will allow it to resolve queries for some hosts > for non-auth zones. > I wish I could tell you just what options to change, but I've run into > this kind of thing before and I'm pretty sure it's a BIND config issue - > and that BIND isn't configured to answer queries to hosts other than itself > for non-auth zones. > > -Greg > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
