
Problem with DNS server behind a 837 router with NAT

marelecnv
Level 1

Dear,

We have an HTTP, FTP, SMTP and a DNS server set up behind an 837 router with NAT enabled. Everything except the DNS server is working OK. The configuration is in the attachment.

If I change the NAT for port 53 to port 5353 local (and reconfigure the DNS server to listen on port 5353), the DNS server works fine, except if the computer sending the query uses port 53 UDP (and the answer has to be sent back to port 53 UDP). The answer does not get through the router.

Any ideas?

2 Replies

Not applicable

The issue may be that the return data is not passing through the NAT. If the firewall is not configured to allow the return, then the data will not pass through it. Check the configuration of the firewall.

Thanks for your response, but no, that is not the problem.

I solved the problem yesterday.

There has to be a 1-1 NAT rule in the configuration:

ip nat inside source static 192.168.0.253 213.49.131.61

Only forwarding port 53 UDP and TCP doesn't work.

AND

The DNS server must be configured to supply A records with the local IP address, not the global IP address, otherwise the DNS response does not pass through the router!!! (surprise, surprise) The router translates the IP addresses inside the DNS responses.

It took a long time to find this out, but now everything works OK.
