Re: view problem

2016-10-19 Thread Pol Hallen
If there are zones that both sets of clients should see, you have to duplicate them in both views. Overlapping views don't do this automatically. solved thanks your advice cheers! Pol ___ Please visit

Re: view problem

2016-10-18 Thread Jay Ford
On Wed, 19 Oct 2016, Mark Andrews wrote: In message , Jay Ford writes: Right. "in-view" can be useful for this, as long as you only need to refer to previously defined views (i.e., it unfortunatley doesn't allow forward references).

Re: view problem

2016-10-18 Thread Mark Andrews
In message , Jay Ford writes: > On Tue, 18 Oct 2016, Barry Margolin wrote: > > If there are zones that both sets of clients should see, you have to > > duplicate them in both views. Overlapping views don't do this > > automatically. > >

Re: view problem

2016-10-18 Thread Jay Ford
On Tue, 18 Oct 2016, Barry Margolin wrote: If there are zones that both sets of clients should see, you have to duplicate them in both views. Overlapping views don't do this automatically. Right. "in-view" can be useful for this, as long as you only need to refer to previously defined views

Re: view problem

2016-10-18 Thread Barry Margolin
In article , Pol Hallen wrote: > > Please be aware that only one view is visible for any client. > > mhmh... > > how I can solve my problem? > > all clients need to access to my zones but mobile clients (don't have

Re: view problem

2016-10-18 Thread Pol Hallen
Please be aware that only one view is visible for any client. mhmh... how I can solve my problem? all clients need to access to my zones but mobile clients (don't have vpn client) needs to access to all zones exception vpn (but can use FQDN) any idea? thanks POl

RE: view problem

2016-10-18 Thread RAM MOHAN, Hari Ganesh
zone "zone1" { type master; file "/etc/bind/zones/zone1.db"; }; Thanks & Regards, Hari Ganesh Ram Mohan From: Sten Carlsen [mailto:st...@s-carlsen.dk] Sent: Tuesday, October 18, 2016 2:37 PM To: RAM MOHAN, Hari Ganesh Cc: m...@fuckaroun

Re: view problem

2016-10-18 Thread Sten Carlsen
Please be aware that only one view is visible for any client. You have acl1 in both views indicating that you assume a host in acl1 can get info from both views - this is not possible. The list is searched from the top of the file and the first match, only the first, will be the DNS service

RE: view problem

2016-10-18 Thread RAM MOHAN, Hari Ganesh
View concept works in order, as you have internal_lan view first, acl1 users are falling to this view and not able to find vpn_zone. You may try swapping order, // vpn view "vpn" { match-clients { acl1; }; zone "vpn_zone" { type master; file