Tuesday, April 13, 2021

A stupid question regarding UDP traffic

Feel free to suggest another sub if this one is a wrong fit.

When opening TCP ports in a firewall, most of the time an opening is only needed in one direction. The "reply" traffic is correctly identified as related and is let through. But does the same logic apply to UDP, since there are no ACKs or anything else of the sort?

My actual problem: I am trying to configure DNS forwarding in a Windows domain towards another Windows domain. I set up the conditional forwarders on domain A towards domain B and enabled DNS debug logging on the DNS server of domain B. I see that my queries coming in from domain A arrive and replies are being sent back; the problem is that the queries actually time out from the perspective of any clients on domain A, including the domain controllers being used as forwarders.
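To illustrate how a stateful firewall treats UDP "reply" traffic, here is an added example (not from the original post) that models the reverse-5-tuple matching such firewalls apply to UDP. The addresses, ports and the 30-second idle timeout are constructed assumptions; real products use their own timeouts. It shows a DNS reply being accepted when it mirrors the query, and dropped when it comes from a different source address (as a multi-homed server might send it) or arrives after the entry has expired.

```python
from dataclasses import dataclass

# Constructed model of stateful UDP tracking: an outbound packet creates a
# 5-tuple entry; an inbound packet is allowed only if it is the exact reverse
# of a live entry. There is no handshake, so the entry is purely timer-based.


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    ts: float  # seconds since start of the trace (constructed)


UDP_TIMEOUT = 30.0  # assumed idle timeout; vendors differ, often 30-120 s


class UdpStateTable:
    def __init__(self, timeout=UDP_TIMEOUT):
        self.timeout = timeout
        self.entries = {}  # (src, sport, dst, dport) -> last-seen timestamp

    def outbound(self, pkt):
        """A permitted outbound packet (e.g. a DNS query to port 53) records state."""
        self.entries[(pkt.src, pkt.sport, pkt.dst, pkt.dport)] = pkt.ts

    def inbound_allowed(self, pkt):
        """Inbound passes only as the reverse tuple of an unexpired entry."""
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        last = self.entries.get(key)
        if last is None or pkt.ts - last > self.timeout:
            self.entries.pop(key, None)  # expired or never seen: drop
            return False
        self.entries[key] = pkt.ts  # matching traffic refreshes the timer
        return True


def dns_round_trip(reply_src="192.0.2.53", delay=0.1):
    """Query from 198.51.100.10 to 192.0.2.53:53; reply arrives from reply_src."""
    table = UdpStateTable()
    query = Packet("198.51.100.10", 51234, "192.0.2.53", 53, 0.0)
    table.outbound(query)
    reply = Packet(reply_src, 53, "198.51.100.10", 51234, delay)
    return table.inbound_allowed(reply)
```

A reply from a different interface address than the one queried, or one that arrives after the idle timeout, never matches the entry, which is one way a server can log "reply sent" while the client still sees a timeout.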
