04-16-2008 08:05 AM - edited 03-11-2019 05:32 AM
We recently replaced our Check Point with a Cisco ASA. On our old firewall every TCP/UDP port outbound was blocked, of course except for ports 443 and 80. With the ASA we just started blocking all the ports outbound, and I noticed that our DNS servers keep reaching different outside IPs on port 53, and I'm not sure if I'm supposed to allow this or block it. If I block it, we might have problems with our DNS. Should I allow all our internal DNS servers to any UDP/TCP ports outbound? Thank you in advance.
04-16-2008 08:39 AM
You will need to allow your internal DNS server to make DNS requests outbound: UDP 53.
04-16-2008 08:50 AM
I tried just UDP 53 but am still getting a lot of blocks from port 53. I opened UDP/TCP DNS and it stopped the logs. What about port 137 outbound?
04-20-2008 10:18 PM
For a DNS server you need to open both TCP and UDP 53 for your server.
Port 137 is for NetBIOS, and it is local.
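
The rule set discussed in this thread, as an added ASA configuration example that is not part of any poster's reply. The object-group and ACL names, the `inside` interface name, and all addresses are assumptions made for illustration.

```cisco
! Constructed example: names and addresses below are placeholders.
object-group network INTERNAL_DNS
 network-object host 10.0.0.10
 network-object host 10.0.0.11
!
! Only the internal DNS servers may reach outside resolvers, and only on port 53.
! Both UDP and TCP are permitted, as noted in the replies above.
access-list INSIDE_OUT extended permit udp object-group INTERNAL_DNS any eq domain
access-list INSIDE_OUT extended permit tcp object-group INTERNAL_DNS any eq domain
!
! Web access for the internal network (assumed here to be 10.0.0.0/8),
! matching the 80/443 exception the old firewall had.
access-list INSIDE_OUT extended permit tcp 10.0.0.0 255.0.0.0 any eq www
access-list INSIDE_OUT extended permit tcp 10.0.0.0 255.0.0.0 any eq https
!
! NetBIOS name service (UDP 137) is local traffic and is not allowed outbound.
access-list INSIDE_OUT extended deny udp any any eq netbios-ns
!
! Everything else is denied and logged, including port 53 traffic from hosts
! that are not in INTERNAL_DNS.
access-list INSIDE_OUT extended deny ip any any log
!
! Apply the ACL to traffic entering the inside interface (i.e. outbound traffic).
access-group INSIDE_OUT in interface inside
```

`show access-list INSIDE_OUT` lists per-line hit counts, which shows whether the remaining denies are port 53 traffic from hosts outside the DNS server group.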