I experienced an issue when I configured zone transfer between 2 DNS servers at internal and external zones. The PIX version is 6.1(5). I believe all the ports (TCP and UDP) are opened. Actually, from the internal DNS server, I could query the external DNS server (which is UDP traffic), and I could also use the 'dig' command to manually transfer the zone file from the external DNS server (which is TCP traffic). However, I could not use 'rndc reload' to transfer the zone file from the external server (which is UDP traffic). From the firewall log, I got the following information as attached.
However, I tested from a PIX with version 6.3. The 'rndc reload' command worked.
Does anybody have some idea? Thanks in advance.