nslookup

  • Thread starter Kevin D. Goodknecht [MVP]
  • Start date
K

Kevin D. Goodknecht [MVP]

In
William Luiz de Souza said:
I'm trying to add a computer to my domain, however I have a firewall
between the computer and the DC (they are in separated networks).
I've opened the ports according with this article 179442. I can
connect using telnet in 53 port, however I can resolve names.
NSLOOKUP DOES NOT WORK.

Can anyone help me?
Click to expand...

You should set up a VPN link between the client and the DC rather than
opening all the ports needed for domain membership.
 
W

William Luiz de Souza

I'm trying to add a computer to my domain, however I have a firewall between
the computer and the DC (they are in separated networks). I've opened the
ports according with this article 179442. I can connect using telnet in 53
port, however I can resolve names. NSLOOKUP DOES NOT WORK.

Can anyone help me?
 
M

Michael Johnston [MSFT]

Port 53 is only part of this. Telnet also only tests tcp port 53. Most dns queries will use udp port 53. If NSLOOKUP doesn't work,
then something is preventing udp 53 from getting through. Is the firewall natting between the client and the server? If so, this will
never work. You will need to create a VPN tunnel through the firewall and then add the client to the domain. This is probably a
better solution anyway as you don't want to open up the firewall as this will expose you unnecessarily.
Thank you,
Mike Johnston
Microsoft Network Support
--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the
terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from
which they originated.
 
W

William Luiz de Souza

Can I set up the VPN only to add the machine to domain? Persistent VPN
connection is a bad option to me.

Michael Johnston said:
Port 53 is only part of this. Telnet also only tests tcp port 53. Most
Click to expand...
dns queries will use udp port 53. If NSLOOKUP doesn't work,
then something is preventing udp 53 from getting through. Is the firewall
Click to expand...
natting between the client and the server? If so, this will
never work. You will need to create a VPN tunnel through the firewall and
Click to expand...
then add the client to the domain. This is probably a
better solution anyway as you don't want to open up the firewall as this will expose you unnecessarily.
Thank you,
Mike Johnston
Microsoft Network Support
Click to expand...
rights. Use of included script samples are subject to the
terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this
Click to expand...
message are best directed to the newsgroup/thread from
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Strange DNS forwarding issues 5
nslookup-nonexistent domain 1
DNS resolving issues 4
what is difference between nslookup and ping? 5
Client DNS issue? 7
Problems when we added a sub domain 2
One server can't see the other server 12
How to configure Firewall for win2000 domain? 2

Top