Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » DNS problem..need help..
  •  
keriours

Messages: 11
Karma: 0
Send a private message to this user
I have local dns server 2003 (server2003.company.local) with
IP address 10.0.0.1

and kwf IP 10.0.0.2(local) without gateway IP
and kwf inet IP 192.168.1.10(from adsl modem)
with gateway IP 192.168.1.1.
DNS assigned by isp 202.146.255.5

client PC IP: 10.0.0.5
gateway: 10.0.0.2
dns: 10.0.0.2 / 10.0.0.1

If I set dns client PC to 10.0.0.2 it was be very slow to login to server 2003 domain but I'm able to browsing and emailing.
If I set dns client PC to 10.0.0.1 it was faster to login to domain company.local but I couldn't connect to internet and email.

I've read manual config from kerio but still confuse about dns forwarding. I mean if I set dns client to 10.0.0.1 I need to set dns forwarder to 10.0.0.185. I don't know where I should to set.

Pleasee helpp..need help ASAP..
thank's for the answer..
  •  
hhred

Messages: 12
Karma: 0
Send a private message to this user
i also have dns problems like this.

my solution:

in order to authentificate to the windows200x server (Active Diretory) AND use "fast" DNS against the internet i use
an "old lanmanger" methode:

on the lan-clients:
open a dos box (cmd.exe)
navigate to your windows home directory (cd %systemroot%) which is normaly "c:\windows"
navigate to .\system32\drivers\etc (e.g.: c:\windows\system32\drivers\etc)
look after a files named "lmhosts.sam" and "lmhosts." [without extension] (dir lmhosts.*)
if there is no file "lmhosts." copy the lmhosts.sam to lmhosts.
copy lmhosts.sam lmhosts.
edit the "lmhosts." file with notepad:
notepad lmhosts. (dont forget the ".")

in notepad you can first read the samples from microsoft
navigate to the end of the file
in a new line add a entry for your windows AD-Server:
e.g. the lan-ip of the server is 192.168.168.192, the servername is "myserver" and the domain name is "mycompany" the new entry should read as follow:
192.168.168.192 myserver #PRE #DOM:mycompany

save the lmhost. file, exit notepad
at the dos-prompt, use the command
type lmhosts.
to verify the file has been saved corretly


this instructs the windows to do the following:
a) load in the dns-cache before authentificate to domain (#PRE)
b) marks the "myserver" entry as a domaincontroller (dc) for the domain "mycompany"

next, assign the DNS-server entrys at your clients to the winroute server and/or to the dns-server of your isp.

reboot the client

cause the lmhosts. entrys, the windows name resolution can
acces your ad-server, and also do fast dns-requests to the internet.

you may ad some more servers of your lan to the lmhosts. file

if erverything works fine, redistribute the lmhosts. file to all
other clients


  •  
etimag

Messages: 32
Karma: 0
Send a private message to this user
what did you set on KFW machine ip's DNS ?
  •  
ICT and Me

Messages: 940

Karma: 53
Send a private message to this user
Let the client pc's do DNS reqeust to the 2k3 server 10.0.0.1
And let the 2k3 server do DNS reqeust to the Firewall.
Or
Take the firewall out the DNS loop. Because if the DNS from the 2k3 server can't give answer it will be contacting out-side DNS through the gateway.
THe DNS on the firewall isn't needed if the w2k3 server runs DNS.

ICT and Me
Carlo Turk
The Netherlands
www.ictandme.nl
  •  
etimag

Messages: 32
Karma: 0
Send a private message to this user
yes you are correct. I have done that but now firewall machine was part of AD. And when I remove AD dns ip it cannot to domain server...
  •  
Trololo

Messages: 12
Karma: 0
Send a private message to this user
Just set DNS address in all computers to kwf address 10.0.0.2 and
add to host file on kwf the name of AD server like

10.0.0.1 server2003.company.local
Previous Topic: help ASAP : how to set kwf to permit smtp using SSL
Next Topic: error opening page with.php and can't see the flash image in the website if i use Kerio as my router
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Nov 22 04:52:41 CET 2017

Total time taken to generate the page: 0.00390 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.