
IAS/RADIUS Install Causing Firewall to Block DNS


  • IAS/RADIUS Install Causing Firewall to Block DNS

    I am adding IAS/RADIUS on a W2K3 server. Prior to install all local networking was fine. After running the install wizards I can only ping the server name and domain name when I turn off the server firewall. I assume I have to open some new ports in the firewall? Can someone shed some light on this for me?

  • #2
    Re: IAS/RADIUS Install Causing Firewall to Block DNS

    All DNS traffic, including zone transfers and send/receive queries, happens on port 53. Short queries are UDP, long queries use TCP...

    BIND also utilizes the 1023 port for client requests, but from server to server, it's just the 53. The request from BIND DNS clients may originate from 1023, but the destination port is 53 again.
    its easier to beg forgiveness than ask permission.
    Give karma where karma is due...


    • #3
      Re: IAS/RADIUS Install Causing Firewall to Block DNS

      Which firewall?
      Which OS?
      Installing IAS won't change anything on a firewall
      Technical Consultant

      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
      "No matter how secure, there is always the human factor."

      "Enjoy life today, tomorrow may never come."
      "If you're going through hell, keep going. ~Winston Churchill"


      • #4
        Re: IAS/RADIUS Install Causing Firewall to Block DNS

        While testing the recommendations from James I discovered that with the firewall turned on I can't even ping the server's IP. The only ping that works is a WAN ping. With the firewall disabled all LAN functions are normal.

        Dumber - O/S = Windows 2003 R2 SP2 Standard Edition
        Firewall = McAfee Total Protection 4.5.0

        The only changes I've made to the server today were to run the IAS Wizard and the RRAS Wizard. I agree with your statement, running the wizards should not affect the firewall. Once I configured this firewall to allow some of the system services it automatically blocked, all of my logins and DNS worked great for a couple of days, and now the only way they'll work is if I turn the firewall off.

        James Haynes - I opened the ports you identified and still no success.

        Thanks to both of you for your replies.
        Last edited by Bob Goodman; 2nd November 2007, 22:30. Reason: clarifications