Am I going Nuts or what????? - Page 3

Thread: Am I going Nuts or what?????

  1. #21
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Road:

    Your input would be truly appreciated.....

    It's really got me.... It has also resulted in some little "niggles".

    I changed the DHCP option for the gateway for the network to 192.168.3.4, (Firewall 1), and got a couple of calls from users about being unable to reach certain web sites. An NSLookup showed they were in the 63.0.0.0/8 network.... Easy fix... trot down and do an ipconfig /release/renew because the lease hasn't expired.... No problem... I tried it and it failed.... SOB... now what?... I go to the network settings and find that even though the setting for "get IP automatically" is set I can still see the 192.168.3.1 greyed out in the default gateway box???? WTF is that all about????? All it takes to fix it is to check the "use this info" radio button and then recheck the "get it automagically" button.... the old DG disappears and the system works just fine because it auto-picks-up the new DG....

    I dunno.... this whole thing is "not right".... But I have this horrible feeling it's me... not the system....
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  2. #22
    Banned
    Join Date
    Sep 2004
    Posts
    305
    Tiger Shark, unrelated, but why do you call chsh, "csch"?

    ;TT

  3. #23
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Tiger Shark, unrelated, but why do you call chsh, "csch"?
    ROFLMAO.....

    'cos, not only am I blind nowadays.... It appears that I am frigging dyslexic too.....

    Old age sucks....

    Really.... no offense was intended and I always thought it was csch...... Oh well.... I'll crawl back into my hole and be quiet for.... er.... um... 30 seconds..... "I'll be baack"...

  4. #24
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    OK... I'm baack....

    Sorry Chris..... never noticed it till it was mentioned.....

  5. #25
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Your DNS servers are internal for internet? Or located upstream at ISP?

    Like I was saying, I am there petting my cat, right and I think... a firewall isn't a router. It's a filter and will only conduct business that it sees fit to the outside world. You enter a static route but it's not really a route, like in a router. It's a conduit or tunnel. So the problem could lie there. When you had the problem, do you remember if you could trace your internal firewall interface?

    Cheers I am off now.
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  6. #26
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Road:

    I run split or double DNS. My AD servers act as the DNS servers for the domain and request external resolution from my primary or secondary public nameservers in the DMZ. Only the AD servers may request resolution from the nameservers in the DMZ, (firewall rule), and only the nameservers can request resolution from the net, (another firewall rule).

    The Firewall I use does act as a router, (Watchguard). I can put routes in it in any way I please to direct traffic internally or out the optional port which I use as the DMZ. Obviously its routing ability is limited by the fact that it has only 3 ports but I can direct traffic any way I like to any number of internal routers at the firewall rather than having to send the traffic to an internal router to make the routing decisions.

    I could always correctly tracert anything, (including the internal interface of the firewall), as long as it was not in the 63.0.0.0/8 network unless it was in the 63.x.y.0/24 subnet - in which case it worked fine... Everything else returned "Destination host unreachable" from the router in question.....

    I dunno.... My head just started hurting again....

  7. #27
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    Originally posted here by Tiger Shark
    OK... I'm baack....
    Sorry Chris..... never noticed it till it was mentioned.....
    Don't worry, I've been called far worse.

    Originally posted here by Tiger Shark
    I could always correctly tracert anything, (including the internal interface of the firewall), as long as it was not in the 63.0.0.0/8 network unless it was in the 63.x.y.0/24 subnet - in which case it worked fine... Everything else returned "Destination host unreachable" from the router in question.....
    I dunno.... My head just started hurting again....
    I still think it's related to position in the routing table. It's the only thing that makes sense to me.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    "Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  8. #28
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    I still think it's related to position in the routing table.
    Aye, but there's the rub..... The router auto-orders the display for me... so I see it as:-

    0.0.0.0 0.0.0.0 192.168.3.4
    63.x.y.0 255.255.255.0 192.168.2.12
    192.168.100.0 255.255.255.0 192.168.3.3
    blah
    blah
    blah

    Now, while I am sure that the display is being ordered that way, (numerically), for reasons of beautification I have no idea how to see the _actual_ order they may be in. Any clues?

  9. #29
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    Well maybe the actual order is in the way they are entered? That might explain why when you redid the config it worked? I dunno, I'm just thinking aloud.

  10. #30
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Ouch, every time you type my head goes dizzy with more info. I thought you had a pix for some reason and I fixed a similar issue using conduits versus static routes. I too have similar DNS setup. It is nothing but a headache. Hmmm. me runs off to check DNS rulez on the pix!
