How to setup MS DNS in machine which is behind a firewall

  • How to setup MS DNS in machine which is behind a firewall

    Hello,

    I am using MS windows 2003 OS
    My server is behind a firewall and it is hosted in ISP farm (data center)

    I encounter some issue with some ISPs

    I am using the following address as DNS :

    ns1.powers-host.net
    ns2.powers-host.net

    http://www.dnsreport.com/tools/dnsre...owers-host.net

    I would like to know how to configure correctly my DNS server application
    The rules DO apply to me.

  • #2
    We need more info.

    Servers usually in a data centre do not need outgoing internet and email access so DNS doesn't really need to be setup. If for some reason you are running active directory then you need to configure a local DNS for your domain. If it's just a web server or the like then just configure Primary and Secondary DNS using the IP addresses of the hosts you provided.

    topper
    * Shamelessly mentioning "Don't forget to add reputation!"



    • #3
      My server is shared web hosting machine
      I use Plesk Control Panel ver. 7.5.1
      I use windows 2003 server std. edition
      I use Microsoft DNS
      The rules DO apply to me.



      • #4
        and why do you need DNS on it ?

        by the sound of it just setup your DNS servers as the ones you already provided.

        topper
        * Shamelessly mentioning "Don't forget to add reputation!"



        • #5
          ns1.powers-host.net
          ns2.powers-host.net

          http://www.dnsreport.com/tools/dnsre...owers-host.net


          the above DNS address are running on the same machine

          what I am asking you is how to check that the MS DNS is configured correctly
          The rules DO apply to me.



          • #6
            Go to the command prompt and type nslookup.

            Then put some searches through it.

            topper
            * Shamelessly mentioning "Don't forget to add reputation!"



            • #7
              The worst problem I can see is that your MX setup is not working as it should. Does the owner of the public subnet (your ISP?) define proper PTR records? Did you open port 25/tcp for your mailserver?



              • #8
                Why would you say that ? He doesn't even mention the need for email, or have I missed something ?!?!

                In fact he hasn't even mentioned why he actually needs to setup DNS on the server, a hosted web server doesn't require outgoing DNS resolution.

                topper
                * Shamelessly mentioning "Don't forget to add reputation!"



                • #9
                  Read the report in the link.



                  • #10
                    Hello wkasdo,

                    first of all, thank you very much for helping me, I am really glad

                    wkasdo wrote me that :

                    > The worst problem I can see is that your MX setup is not working as it should. Does the owner of the public subnet (your ISP?) define proper PTR records? Did you open port 25/tcp for your mailserver?


                    maybe I didn't give enough information on my server.
                    so I will give it now.

                    My server is hosted in ISP farm (which called netvision , www.netvision.net.il)

                    I am using windows 2003 server std. edition

                    I am using Plesk Control Panel (version : 7.5.1 , www.sw-soft.com )

                    I am using Microsoft DNS application which is running on the same machine of mine

                    I am using MailEnable std. edition for email server application (on the same machine)

                    My server is connected to checkpoint firewall in the ISP farm and managed by the ISP's technician

                    about the ports which needed to be opened, they are already opened
                    and I am sure about that.

                    what I am asking is about what wrote me :
                    > Does the owner of the public subnet (your ISP?) define proper PTR records

                    I need to do this ?

                    Because in my server , I am running the DNS server application , and I think that I have to do this in my server and not the ISP.
                    all the domains which I host are managed by the same DNS application which I run on the machine

                    what do you say ?
                    what I have to do ?
                    do you say that I have to talk with the ISP and ask them about :
                    public subnet define proper PTR records

                    ??

                    because I am running on my machine DNS server application and in this app is configured reverse dns
                    The rules DO apply to me.



                    • #11
                      > and I think that I have to do this in my server and not the ISP

                      For normal domains, yes. Reverse domains are different. For normal domains _you_ own the namespace and determine the hostnames and IP addresses. For reverse domains it is the other way around. It's about who owns the IP addresses! The owner of the IP address decides where the PTR record will point. That owner is usually an ISP. Call them, see what they say.

                      Anyway you need to get a working PTR record for your mail.

                      > about the ports which needed to be opened, they are already opened

                      Correct, I just verified that.



                      • #12
                        I called Netvision (www.netvision.net.il) (this is my ISP)

                        they told me that they don't need to do the PTR thing because all domains in my server are managed by myself (in my server I run MS DNS)
                        so I need to do a PTR record and not the ISP

                        someone may please explain me how to do this ? I use windows 2003 server std. edition OS and Plesk Control Panel and MailEnable std. edition as mail server and MS DNS as DNS server application

                        thanks to all who help here
                        The rules DO apply to me.



                        • #13
                          If that is true then you have a delegation from them to manage your own subnet. The only thing you have to do then is to create the appropriate in-addr.arpa zone, and you're done!

                          But I don't believe it. nslookup reveals this:
                          Code:
                          AUTHORITY RECORDS:
                          ->  242.203.199.in-addr.arpa
                              type = SOA, class = IN, dlen = 55
                              ttl = 86400 (1 day)
                              primary name server = dns.netvision.net.il
                              responsible mail addr = hostmaster.netvision.net.il
                              serial  = 2005050102
                              refresh = 28800 (8 hours)
                              retry   = 7200 (2 hours)
                              expire  = 604800 (7 days)
                              default TTL = 86400 (1 day)
                          So, they own the subnet. There is no indication of a delegation. I'm not 100% sure, but that is my take on it. Looks like the person you talked to is mistaken.

                          > they told me that they don't need to do the PTR thing because all domains in my server are managed by myself (in my server I run MS DNS)
                          True, but irrelevant. You don't own the reverse domain.

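The check made in post #13, as an added example that is not part of the original thread: it reads the SOA that nslookup returned for the reverse zone and decides who has to publish the PTR, then confirms that a PTR name resolves back to the address. The last octet of `SERVER_IP`, the function names and the injected lookup callables are assumptions made for the illustration.

```python
import ipaddress
import re

# Authority section of the nslookup output quoted in post #13.
NSLOOKUP_AUTHORITY = """\
AUTHORITY RECORDS:
->  242.203.199.in-addr.arpa
    type = SOA, class = IN, dlen = 55
    primary name server = dns.netvision.net.il
    responsible mail addr = hostmaster.netvision.net.il
"""
OWN_NAMESERVERS = ["ns1.powers-host.net", "ns2.powers-host.net"]  # from post #1
SERVER_IP = "199.203.242.10"  # constructed: the thread never gives the last octet

def _norm(name):
    return name.lower().rstrip(".")

def reverse_name(ip):
    """Owner name of the PTR record for an address."""
    return ipaddress.ip_address(ip).reverse_pointer

def parse_authority_soa(text):
    """Pull zone, primary server and contact out of nslookup's SOA authority block."""
    zone = re.search(r"^->\s+(\S+)", text, re.M)
    if zone is None or "type = SOA" not in text:
        return None
    fields = dict(re.findall(r"^\s*([A-Za-z ]+?)\s*=\s*(\S+)", text, re.M))
    return {"zone": _norm(zone.group(1)),
            "primary": _norm(fields.get("primary name server", "")),
            "contact": _norm(fields.get("responsible mail addr", ""))}

def who_publishes_ptr(ip, soa, own_nameservers):
    """The PTR belongs to whoever runs the reverse zone, not to the forward zone's owner."""
    name = reverse_name(ip)
    if soa is None or not name.endswith("." + soa["zone"]):
        return "unknown: no SOA covering " + name
    if soa["primary"] in {_norm(n) for n in own_nameservers}:
        return "self: add %s to the local zone %s" % (name, soa["zone"])
    return "address owner: ask the operator of %s to add or delegate %s" % (soa["primary"], name)

def forward_confirmed(ip, ptr_lookup, a_lookup):
    """True if a PTR name for ip resolves back to ip (a check many receiving mail servers make)."""
    want = ipaddress.ip_address(ip)
    return any(want in map(ipaddress.ip_address, a_lookup(host)) for host in ptr_lookup(ip))

if __name__ == "__main__":
    print(who_publishes_ptr(SERVER_IP, parse_authority_soa(NSLOOKUP_AUTHORITY), OWN_NAMESERVERS))
```

An SOA for the parent /24 does not by itself rule out an RFC 2317 classless delegation, which shows up as a CNAME at the PTR name; querying the PTR name itself settles that.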


                          • #14
                            Ok , good news ,

                            I talked again with my ISP (netvision) and we found that they need to open some ports in the firewall for the PTR (dedicated ports only for the PTR, I didn't think that there are ports which need to be opened for PTR, it's new for me)

                            and again, they told me that because I already run MS DNS and all the domains in the DNS are managed by myself in my server then I will need to create the PTR in my server and not in the ISP server.

                            so , thank you very much for helping me , because of you we found solution to my issue

                            this is really good forum !!!
                            The rules DO apply to me.



                            • #15
                              That's interesting! Well, I don't think you are there yet. Let's see the reverse lookup work before we call it a day. The port issue is plainly bogus, and I still believe that they don't understand the PTR issue. I could be wrong, let's wait and see.

                              > so , thank you very much for helping me

                              you're welcome, no problem!

                              P.S. the reverse does not work yet.... (Sunday, 8 pm GMT+1)
