ICS with a Linux box and DNS query.
I have an odd problem that I would love to be solved.
I have an XP machine with ZA Pro installed and I have linked a Linux box to this using a cross-over patch cable.
I use Internet Connection Share (from my XP) to surf / use the net on my Linux box.
The Internet connection share setup between the two machines works fine when ZA is turned off. So I know both machines are configured ok.
When I activated ZA on XP I could not surf or ping addresses which were in word format, i.e. ping internet.org does not work but I can ping 111.222.333.444. This led me to assume that there is something wrong with the DNS connection.
My Broadband connection is in the Internet Zone and I have allowed port 53 / 67 UDP. However, when I change the nameserver line in the relevant Linux file from 192.168.0.1 to xxx.xxx.xxx.xxx, which is a valid DNS server, I can surf / ping as normal.
My Linux box is in my trusted zone.
nameserver 192.168.0.1 + ZA Turned Off = Linux surfing OK
nameserver 192.168.0.1 + ZA Turned On = No Linux surfing
nameserver xxx.xxx.xxx.xxx (VALID DNS) + ZA Turned On = Linux surfing OK
The problem is that I could surf properly when nameserver was set to 192.168.0.1 but ZA was turned off. So obviously ZA is stopping something and it does not allow me to use 192.168.0.1, whereas I can use it if ZA is turned off. I allow DNS port 53 UDP in my Internet settings. Changing nameserver to a valid DNS allows for surfing, so there cannot be anything wrong with UDP port 53 DNS settings.
I would like to surf without changing the nameserver to xxx.xxx.xxx.xxx.
How can I configure ZA to allow me to surf and use 192.168.0.1 as a nameserver?
Everything was working fine until my ISP made changes to which server I connected to when logging in.
Thanks for bearing with me and sorry if it sounds confusing :(
PS: There are valid reasons as to why I must use 192.168.0.1 as nameserver.
Operating System: Windows XP Pro
Product Name: ZoneAlarm Pro
Re: ICS with a Linux box and DNS query.
I am not so sure about using the XP as a name server for the Linux. You may need something like DNS cache server software such as Tree Walk DNS. This is an advantage if using dialup, but not really needed if using DSL or cable connections.
You may be further ahead just to purchase a router for your connection and allow the router to be the DNS server, or use a Linux box with firewall with DNS caching.
As for the rule and ports, for the DNS, allow both TCP and UDP outbound to port 53 and allow UDP inbound from port 53.
For DHCP, change the allowed port 67 to 66-67 for both local and remote, with the correct IP locking these in.
Message Edited by Oldsod on 02-06-2008 03:42 AM
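An added example, not part of either post: a small probe to run from the Linux box that sends one DNS A query over UDP to a chosen nameserver and reports whether it was answered, silently dropped (timeout) or refused. The function names, the query name `example.com` and the 3-second timeout are assumptions of this example.

```python
import socket
import struct
import sys

def build_query(name, txid=0x1234):
    """Build a minimal DNS query for an A record (RFC 1035 wire format)."""
    # Header: id, flags (RD=1), QDCOUNT=1, ANCOUNT=NSCOUNT=ARCOUNT=0
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def probe(server, name="example.com", port=53, timeout=3.0, txid=0x1234):
    """Send one UDP query to server:port and return (status, detail)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    try:
        sock.connect((server, port))  # a connected UDP socket surfaces ICMP errors
        sock.send(build_query(name, txid))
        data = sock.recv(512)
    except socket.timeout:
        return ("timeout", "no reply: query or answer dropped on the path")
    except ConnectionRefusedError:
        return ("refused", "ICMP port unreachable: nothing listening on that port")
    except OSError as exc:
        return ("error", str(exc))
    finally:
        sock.close()
    if len(data) < 12:
        return ("malformed", "reply shorter than a DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:  # wrong id or QR bit not set
        return ("malformed", "reply does not match the query")
    return ("answered", "rcode=%d answers=%d" % (flags & 0x000F, ancount))

if __name__ == "__main__":
    # Usage: python3 dnsprobe.py 192.168.0.1
    server = sys.argv[1] if len(sys.argv) > 1 else "192.168.0.1"
    print(server, *probe(server))
```

Running it against 192.168.0.1 and then against the external DNS server, with the firewall on and off, reproduces the three cases listed in the question; a `timeout` that appears only for 192.168.0.1 with the firewall on shows the drop is specific to queries addressed to the ICS host.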