[cs615asa] Can't connect to DNS server

Jan Schaumann jschauma at stevens.edu
Sat Mar 24 15:56:23 EDT 2012


Tejas <tnadkarn at stevens.edu> wrote:

> For testing I opened all TCP/UDP/ICMP ports for the instances I'm using.  
> I can ping as I said and I was able to telnet into SSH port 22 on the
> DNS server from the host without issue. I can traceroute from the host  
> to the DNS and it all looks good.
>
> However any attempt on port 53 is refused. This leads me to believe it's  
> something with the local DNS process since I have a single AWS rule for  
> both port 22 and 53 so I don't believe it's a firewall issue.

What a wonderful occasion to use tcpdump(1) to see what's happening! :-)

If you do indeed have UDP/53 open to the public on your AWS instance,
then you should also be able to query it from any other host (say,
lab.cs.stevens.edu).  Does that work?  If not, what does tcpdump(1) tell
you?  (Note: it's most useful for you to run tcpdump(1) on both ends and
see what packets are coming through, if any.)

-Jan
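
An added example, not part of the original message: a small Python probe to run from a second host while tcpdump(1) watches both ends. It separates a query that is actively refused from one that gets no reply at all. The function names and the loopback default target are assumptions of this example.

```python
import socket
import struct
import sys

def build_query(name, qtype=1, txid=0x1234):
    """Encode a minimal DNS query: RD flag set, one question, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def probe_udp(host, port=53, name="example.com", timeout=2.0):
    """Send one UDP query; return 'answered', 'refused' or 'timeout'."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))  # connected socket, so ICMP errors are reported
        try:
            s.send(build_query(name))
            s.recv(512)
            return "answered"
        except ConnectionRefusedError:
            # ICMP port unreachable came back: the packet got as far as a
            # host (or rejecting filter) with nothing listening on that address.
            return "refused"
        except socket.timeout:
            # Nothing came back: dropped silently, or the reply was lost.
            return "timeout"

def probe_tcp(host, port=53, timeout=2.0):
    """Attempt a TCP handshake; return 'open', 'refused' or 'timeout'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"  # RST received: reachable, but no TCP listener
    except socket.timeout:
        return "timeout"  # SYN went unanswered: typically a silent drop

if __name__ == "__main__":
    # Constructed default target; pass the DNS server's address as argv[1].
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    print("udp/53:", probe_udp(target))
    print("tcp/53:", probe_tcp(target))
```

A "refused" result should show up in the server-side tcpdump(1) capture as an incoming query followed by an ICMP port unreachable or a TCP RST; a "timeout" with no packets in that capture points at filtering in between.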