[ previous ] [ next ] [ threads ]
 
 From:  =?iso-8859-1?Q?T=E8cnica_de_Sistemes_Cal_Peles?= <tech at tscp dot info>
 To:  "'Chris Buechler'" <cbuechler at gmail dot com>, "'Tim Vaughan'" <talltim at gmail dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] DNS forwarder using Active Directory
 Date:  Tue, 20 Feb 2007 23:02:10 +0100
The best solution is use the forwarder option on Microsoft DNS.
And on the future use a third level domain on the domain and not the
ambiguous .local, for example if your public domain is domain.net  use
local.domain.net as the windows domain. Clean and easy for future ideas, and
without the conflictive modifications on mac for understand the .local

Best regards 


 
 
 
 
______________________________________________
Jan Arbona


www.tscp.info
 

-----Mensaje original-----
De: Chris Buechler [mailto:cbuechler at gmail dot com] 
Enviado el: martes, 20 de febrero de 2007 20:00
Para: Tim Vaughan
CC: m0n0wall at lists dot m0n0 dot ch
Asunto: Re: [m0n0wall] DNS forwarder using Active Directory

On 2/20/07, Tim Vaughan <talltim at gmail dot com> wrote:
> Hi,
>
> I work in an office that has two networks behind a m0n0wall.  One is 
> run by my colleague who only tolerates Windows servers - the other is 
> mine.
>
> I'm using m0n0wall as a DNS forwarder on the LAN interface
> (192.168.123.xxx) and has a .tim domain.
> The other network is on OPT1 (192.168.2.xxx) and has a Windows SBS 
> machine running Active Directory, DHCP etc - m0n0wall is just a 
> gateway.  It has a .fluid.local domain
>
> I want m0n0wall to forward DNS requests for xxx.fluid.local to the SBS 
> machine which is at 192.168.2.111.  I've set it up as I thought was 
> right, in a way which worked when I had a VPN between two m0n0walls 
> but it's not working.  dig@192.168.2.111 commands work ok on a machine 
> on my network so I don't understand why the m0n0 doesn't forward the 
> DNS requests.
>

I'm guessing the authoritative DNS server for the domain you've setup are
across an IPsec connection. If that's the case, the fix is the same as the
SNMP over VPN fix (see FAQ).

-Chris

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch