[j-nsp] DNS
Barny Sanchez
barnys at juniper.net
Mon Mar 1 08:10:43 EST 2010
1) Can you verify that you can ping from FW2 to 4.2.2.2?. If it works, then probably you have a DNS misconfigured.
2) If the previous doesn't work, can you verity that you have a correct routing in place and also that FW1 has a proper policy in place, you can start by testing with a any to any policy.
This is the bare minimal things to check, but there are other problems to consider, such as:
1) NAT misconfiguration.
2) Routing missconfiguration.
3) Without knowing anyting more about your environment, could be a vsys problem (high-end firewalls).
4) VPNs involved?
Thanks,
Barny Sanchez | Consulting Engineer - Security Systems | Juniper Networks
On Mar 1, 2010, at 7:04 AM, SunnyDay wrote:
Hello
I Have 2 netscreen firewall connected on behind the other.
eth0 eth1 eth3
internet <-------FW1<---------->FW2
My problem is that FW2 from the cli is not able to do name resolution.eg:
ping www.google.com.FW1<http://www.google.com.FW1> is able to ping www.google.com<http://www.google.com>
I configured on FW2 open dns with source interface eth3 with no luck any
ideas?
Regards
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list