SRX

 View Only
last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  DNS client lookups not working

     
    Posted 06-03-2020 06:18

    I think I'm having one of those days!

     

    I have Windows PCs. I've just changed some clients to use only their respective SRX for DNS lookups. However, the clients cannot resolve anything. As soon as I flick back to 8.8.8.8. for example they are fine. The SRX devices all have the following config (only) relating to DNS:

     

    system {
    name-server {
        8.8.8.8;
        208.67.222.222;
        1.1.1.1;
    }
}

     

    What really obvious thing am I missing? Configuration of a client DNS service somewhere?

     


    #dns


  • 2.  RE: DNS client lookups not working

    Posted 06-03-2020 07:02

    Hello,

    This configuration is for DNS lookups performed by SRX itself such as name resolution for domain names in the config, or when pinging/tracing.

    If You want SRX to return DNS answers to Your clients, You need to enable DNS proxy

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB27492

    HTH

    Thx

    Alex



  • 3.  RE: DNS client lookups not working
    Best Answer

     
    Posted 06-03-2020 07:09

    Simple it was, as follows:-

     

    # set system services dns dns-proxy interface ge-0/0/0.0
# set system services dns dns-proxy default-domain * forwarders 8.8.8.8
# set security zones security-zone Trust interfaces ge-0/0/0.0 host-inbound-traffic system-services dns