Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1009
Views
0
Helpful
4
Replies

Access-List DNS

Go to solution
vmolinaro
Level 1
Level 1

‎04-03-2004 11:11 PM - edited ‎02-20-2020 09:24 PM

When writing an access-list to allow DNS should I allow only UDP or both UDP/TCP? I have no requirement to allow any zone transfers and so I guess allowing TCP would not be necessary. Would just like to confirm.

Vito

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mostiguy
Level 6
Level 6
In response to vmolinaro

‎04-05-2004 03:34 AM

what dns server are you running? on win2k, you right click the server name in the DNS mmc snapin, and it is on one of the tabs

View solution in original post

0 Helpful
4 Replies 4

Go to solution
mostiguy
Level 6
Level 6

‎04-04-2004 07:33 AM

tcp is necessary for any replies over 512bytes. My experience has been that for windows centric environments, allowing tcp is a good thing (even though I block zone transfers).

0 Helpful

Go to solution
vmolinaro
Level 1
Level 1
In response to mostiguy

‎04-04-2004 06:31 PM

Thanks.

How do you block zone transfers on the firewall if you allow TCP? I assume you mean this is done on the DNS server itself.

Thanks

0 Helpful

Go to solution
mostiguy
Level 6
Level 6
In response to vmolinaro

‎04-05-2004 03:34 AM

what dns server are you running? on win2k, you right click the server name in the DNS mmc snapin, and it is on one of the tabs

0 Helpful

Go to solution
vmolinaro
Level 1
Level 1
In response to mostiguy

‎04-05-2004 04:50 AM

The server is setup by the client and so I will have them check their configuration.

Thanks for answering my questions

Vito

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents