FirewallWizards

Re: [fw-wiz] Does dns proxy on NetScreen 5xx support reverse dns lookups

To: "Firewall Wizards Security Mailing List" <firewall-wizards@listserv.icsalabs.com>
Subject: Re: [fw-wiz] Does dns proxy on NetScreen 5xx support reverse dns lookups
From: "Paul Melson" <pmelson@gmail.com>
Date: Sun, 18 Mar 2007 09:51:13 -0400
Cc: aymond.jacob@navy.mil
On 3/15/07, Jacob, Raymond A Jr <raymond.jacob@navy.mil> wrote:
> I installed a Netscreen running 5.x. I configured the workstations to use
> the Netscreen IP address as the DNS server.
> When I use fqdn, I can resolve. When I use IP addresses no records are
> returned.
> In order to get dns working I configured a policy to reach the DNS servers
> directly.
> Question: Does the netscreen dns proxy support reverse dns lookups? Is there
> a special setting
> I need to set?

The NetScreen DNS "proxy" is really only there to handle split-dns
routing for VPNs.  One thing to test is to use nslookup to verify that
the DNS servers you have specified with 'dns host' in your config will
return PTR lookups.  It may not be a problem with the firewall at all.

PaulM