Wingate doing external query with local domain name appended

Archived from groups: microsoft.public.win2000.dns

Hello,

Please forgive me if this is not the appropriate group for my post.

I'm running Wingate 6.+ for all our Internet gateway. We have
an Exchange Server 2000 which uses Wingate to send mail
directly to the outside world for Internet email. I notice on
the gatekeeper activity that the Exchange server sometimes
has a long queue on port 53.

I looked at the log and this bugged me: the log shows
attempts to query entries with the local LAN domain
name appended to irresolvable queries (bogus QDN
from spammers). Attempt to query an unreachable domain
always ends up with Wingate appending our local domain
name.

How can I prevent this?

Thanks in advance.

Here is some configuration info:

Exchange server (inside our LAN):
  Default Gateway is the Wingate Server
  Primary DNS points to our Internal DNS server
  Secondary DNS points to the Wingate Server
Wingate Server Windows Network TCP/IP properties:
  Internal NIC:
    No default gateway
    DNS points to our Internal DNS server
  External NIC: (ISP's)
    Default gateway is the router upstream.
    DNS points to our ISP's Primary and Secondary servers
In Wingate gatekeeper DNS Resolver service:
  DNS points to our ISP's Primary
  Also in the "Advanced Options" for Wingate,
  I added our Internal DNS server.

If any other information is needed, please let me know.

Thanks in advance for your help.
  1. Archived from groups: microsoft.public.win2000.dns

    C C <someone@sbcglobal.net> wrote:
    > Hello,
    >
    > Please forgive me if this is not the appropriate group for my post.
    >
    > I'm running Wingate 6.+ for all our Internet gateway. We have
    > an Exchange Server 2000 which uses Wingate to send mail
    > directly to the outside world for Internet email. I notice on
    > the gatekeeper activity that the Exchange server sometimes
    > has a long queue on port 53.
    >
    > I looked at the log and this bugged me: the log shows
    > attempts to query entries with the local LAN domain
    > name appended to irresolvable queries (bogus QDN
    > from spammers). Attempt to query an unreachable domain
    > always ends up with Wingate appending our local domain
    > name.
    >
    > How can I prevent this.

    Take it from me, I've been using Wingate since 1997; you must configure your
    network settings as below.


    > Thanks in advance.
    >
    > Here is some configuration Info:
    > Exchange server (inside our LAN):
    > Default Gateway is the Wingate Server
    > Primary DNS points to our Internal DNS server
    > Secondary DNS points to the Wingate Server

    Remove the secondary DNS that points to Wingate; all DNS must go through the
    AD server.
    Using the Exchange System Manager, expand to the Default SMTP virtual
    server, click on its properties, select the Delivery tab, click the Advanced
    button, next to "Configure external DNS servers" click the Configure
    button, and enter the IP of the Wingate server.

    > Wingate Server Windows Network TCP/IP properties:
    > Internal NIC:
    > No default gateway
    > DNS points to our Internal DNS server
    > External NIC: (ISP's)
    > Default gateway is the router upstream.
    > DNS points to our ISP's Primary and Secondary servers

    Remove both ISP's DNS servers on the external NIC and enter the internal DNS
    address.

    Right click on Network places, choose properties, in the Window that opens,
    Advanced menu, select "Advanced settings" move the internal NIC to the top
    of the connections list, and make sure File and Printer sharing and client
    for Microsoft Networks is bound only to the internal NIC.

    > In Wingate gatekeeper DNS Resolver service:
    > DNS points to our ISP's Primary
    > Also in the "Advanced Options" for Wingate,
    > I added our Internal DNS server.

    On the local DNS server, using the DNS management console click on the
    properties of the server, Forwarders tab, configure the IP of the Wingate
    server as the forwarder.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
  2. Archived from groups: microsoft.public.win2000.dns

    Kevin,

    We did this. Somehow, gatekeeper is showing a long queue of DNS queries
    from our Internal DNS server with same domain name it is trying to query.
    Something is definitely wrong.

    This morning our ISP disabled our T1 because our Wingate requested "a
    million queries" in an hour! I removed wingate as the forwarder in our
    Internal dns server, and disabled recursion. I don't know if that helps.

  3. Archived from groups: microsoft.public.win2000.dns

    C C <someone@sbcglobal.net> wrote:
    > Kevin,
    >
    > We did this.

    You did what?

    If you do not remove Wingate address from all NICs, this will continue.

    Here is what you posted.
    Here is some configuration Info:
    Exchange server (inside our LAN):
    Default Gateway is the Wingate Server
    Primary DNS points to our Internal DNS server
    Secondary DNS points to the Wingate Server <------- You cannot use this.


    External NIC: (ISP's)
    Default gateway is the router upstream.
    DNS points to our ISP's Primary and Secondary servers<---Remove
    Do not use any DNS other than the local DNS on any NIC in any position.


    > Somehow, gatekeeper is showing a long queue of DNS
    > queries from our Internal DNS server with same domain name it is
    > trying to query. Something is definitely wrong.

    Sounds like a DNS loop to me, did you clear the Wingate resolver cache?
    Your DNS server will not forward any queries if it has a zone for that name,
    what are the domains in the DNS suffix search list? (Post ipconfig /all)

    >
    > This morning our ISP disabled our T1 because our Wingate requested "a
    > million queries" in an hour! I removed wingate as the forwarder in
    > our Internal dns server, and
    disabled recursion<---Where did you do this? (Advanced or Forwarders tab)


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
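
Added example, not part of the thread and not WinGate tooling: a log check for the two symptoms discussed above, names queried with the local suffix appended and the same name repeated by one client in a tight window. The log format, the suffix `corp.example`, the addresses and the thresholds are all assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

LOCAL_SUFFIX = "corp.example"  # assumed local LAN domain (constructed)
REPEAT_THRESHOLD = 3           # assumed: repeats of one name by one client
WINDOW = 10                    # assumed window, in seconds

# Constructed sample log: epoch-seconds, client IP, queried name
SAMPLE_LOG = """\
100 10.0.0.5 mail.example.org
101 10.0.0.5 bogus-sender.invalid
101 10.0.0.5 bogus-sender.invalid.corp.example
102 10.0.0.2 bogus-sender.invalid.corp.example
103 10.0.0.2 bogus-sender.invalid.corp.example
104 10.0.0.2 bogus-sender.invalid.corp.example
105 10.0.0.7 fileserver.corp.example
"""

def parse(text):
    for line in text.splitlines():
        ts, client, qname = line.split()
        yield int(ts), client, qname.rstrip(".").lower()

def suffix_appended(qname, suffix=LOCAL_SUFFIX):
    """Heuristic: the name ends in the local suffix and what precedes it
    already contains a dot, i.e. it was a multi-label name before the
    suffix went on. Real multi-label internal hosts will also match."""
    tail = "." + suffix
    return qname.endswith(tail) and "." in qname[: -len(tail)]

def repeated_queries(entries, threshold=REPEAT_THRESHOLD, window=WINDOW):
    """Return (client, qname) pairs seen >= threshold times within window."""
    seen, flagged = defaultdict(list), set()
    for ts, client, qname in entries:
        times = seen[(client, qname)]
        times.append(ts)
        while times[0] < ts - window:   # drop timestamps outside the window
            times.pop(0)
        if len(times) >= threshold:
            flagged.add((client, qname))
    return flagged

def analyse(text=SAMPLE_LOG):
    entries = list(parse(text))
    appended = Counter(c for _, c, q in entries if suffix_appended(q))
    return appended, repeated_queries(entries)

if __name__ == "__main__":
    appended, repeated = analyse()
    print("suffix-appended queries per client:", dict(appended))
    print("repeated (client, name) pairs:", sorted(repeated))
```

A client that dominates the first count is applying its suffix search list to external names; a pair in the second set is the pattern to look at when a forwarder loop is suspected.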