Results 1 to 2 of 2

Thread: ICS with a Linux box and DNS query.

  1. #1
    general_zod Guest

    Default ICS with a Linux box and DNS query.

    Hi there,
    I have an odd problem that I would love to be solved.
    I have an XP machine with ZA Pro installed and I have linked a linux box to this using a cross-over patch cable.
    I use Internet Connection Share ( from my XP) to surf / use the net on my Linux box.
    The Internet connection share setup between the two machines works fine when ZA is turned off. So I know both machines are configured ok.
    When I activated ZA on XP I could not surf or ping addresses which were in word format i.e. ping internet.org does not work but I can ping 111.222.333.444. This lead me to assume that there is something wrong with DNS connection.
    My Broadband connection is in the Internet Zone and I have allowed port 53 / 67 UDP. However, when I change the nameserver line in the relevant linux file from 192.168.0.1 to xxx.xxx.xxx.xxx, which is a valid DNS server, I can surf / ping as normal.
    My Linux box is in my trusted zone.


    nameserver 192.168.0.1 + ZA Turned Off = Linux surfing OK

    nameserver 192.168.0.1 + ZA Turned On = No Linux surfing

    nameserver xxx.xxx.xxx.xxx ( VALID DNS) + ZA Turned on = Linux surfing OK.

    The problem is that I could surf properly when nameserver was set to 192.168.0.1 but ZA was turned off. So obviously ZA is stopping something and it does not allow me to use 192.168.0.1, whereas I can use it if ZA is turned off. I allow DNS port 53 UDP in my Internet settings. Changing nameserver to a valid DNS allows for surfing, so there cannot be anything wrong with UDP Port53 DNS settings.
    I would like to surf without changing the nameserver to xxx.xxx.xxx.xxx .
    How can I configure ZA to allow me to surf and use 192.168.0.1 as a nameserver ?

    Everything was working fine until my ISP made changes to which server I connected to when logging in.

    Thanks for bearing with me and sorry if it sounds confusing

    zod

    ps: There are valid reasons as to why I must use 192.168.0.1 as nameserver.

    Operating System:Windows XP Pro
    Software Version:
    Product Name:ZoneAlarm Pro

  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: ICS with a Linux box and DNS query.

    I not so sure about using the XP as a name server for the Linux. You may need something like DNS cache server soft such as Tree Walk DNS. This is an advantage if using dialup, but not really needed if using dsl or cable connections.
    You may be further ahead just to purchase a router for your connection and allow the router to be the dns server or use a linux box with firewall with dns caching.

    As for the rule and ports, for the DNS, allow both TCP and UDP outbound to the port 53 and allow UDP inbound from port 53.
    For the DHCP allow change the allowed port 67 to 66-67 for both local and remote. With the correct IP locking these in.

    Oldsod

    Message Edited by Oldsod on 02-06-2008 03:42 AM
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •