Re: Can't Resolve from behind firewall

From: khayes@eastbay.com
Date: 10/17/02


To: "Ahmed.Shazly" <ahmed.shazly@hotpop.com>
From: khayes@eastbay.com
Date: Thu, 17 Oct 2002 11:42:38 -0700


Have you tried taking at a look at the network traffic to see if the two
DNS servers are even getting past the handshake phase? From the limited
information I have, I'd have to venture a guess that they're not.

Ken Hayes
Network Administrator
Eastbay / Footlocker.com
Wausau, WI Offices
(715) 261-9573
khayes@eastbay.com

                                                                                                                            
                                                                                                                            
                                                                                                                            
                                                                                                                            
                                       To: <security-basics@securityfocus.com>
                                       cc:
              "Ahmed.Shazly" Subject: Can't Resolve from behind firewall
              <ahmed.shazly@hotpop.com
>
                                                                                                                            
              10/16/2002 05:15 PM
                                                                                                                            
                                                                                                                            

Hi everyone,
  I Just got a PIX 501 for my company and since they have strict policies i
do have to strict usage to port 80, now with the PDM i try permiting
outgoing traffic from the my local net on port 80 to any outside port and
permit outgoing traffic on port 53 for the DNS to any port since we use the
DNS server of our ISP. the only thing that happens is that i still can't
resolve websites and they only work if i use their IP addresses. i do use
PAT and i'm not sure wheather it has anything to do with whats going on any
suggestions?

Regards,
     A.Shazly

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - -
The information in this e-mail, and any attachment therein, is confidential
and for use by the addressee only. If you are not the intended recipient,
please return the e-mail to the sender and delete it from your computer.
Although the Company attempts to sweep e-mail and attachments for viruses,
it does not guarantee that either are virus-free and accepts no liability
for any damage sustained as a result of viruses.