Stopping Open DNS - FireBrick 2700: Difference between revisions

From AAISP Support Site
(Created page with "On a FireBrick 2700 the DNS service defaults to local-only - this prevents access to the FireBrick DNS resolver from the WAN by default. The setting for this is found Confi...")
 
 
(13 intermediate revisions by 3 users not shown)
Line 1: Line 1:
[[File:2700-small.png]]
On a FireBrick 2700 the DNS service defaults to local-only - this prevents access to the FireBrick DNS resolver from the WAN by default.


'''On a FireBrick 2700 the DNS service defaults to local-only - this prevents access to the FireBrick DNS resolver from the WAN by default.'''
The setting for this is found


The setting for this is found in the Web config editor at:
Config - Edit - Setup - General system services - DNS service settings - local-only

Config -> Edit -> Setup -> General system services -> DNS service settings -> local-only

*Then re-test from the Control Pages: https://control.aa.net.uk/dnsresolvers.cgi

[[File:Fb2700-dns.png|600px]]


==Testing Access==

The web interface of the FireBrick can list what services are open, go to
Diagnostics -> Access Check
Enter a Source IP of an IP on the Internet.

The FireBrick will then list all the services open to that IP address, e.g.:

DNS resolver access:-
This address is not on a local Ethernet subnet and so not allowed access.



[[Category:Open DNS Resolvers]]
[[Category:AA Routers]]
[[Category:FireBrick]]

Latest revision as of 08:01, 31 October 2021

2700-small.png

On a FireBrick 2700 the DNS service defaults to local-only - this prevents access to the FireBrick DNS resolver from the WAN by default.

The setting for this is found in the Web config editor at:

Config -> Edit -> Setup -> General system services -> DNS service settings -> local-only

Fb2700-dns.png


Testing Access

The web interface of the FireBrick can list what services are open, go to

Diagnostics -> Access Check

Enter a Source IP of an IP on the Internet.

The FireBrick will then list all the services open to that IP address, e.g.:

DNS resolver access:-
This address is not on a local Ethernet subnet and so not allowed access.