Stopping Open DNS - FireBrick 2700: Difference between revisions
No edit summary |
m (→Testing Access) |
||
| (11 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
[[File:2700-small.png]] |
|||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
*Then re-test from the Control Pages: https://control.aa.net.uk/dnsresolvers.cgi |
|||
[[File:Fb2700-dns.png|600px]] |
[[File:Fb2700-dns.png|600px]] |
||
==Testing Access== |
|||
The web interface of the FireBrick can list what services are open, go to |
|||
Diagnostics -> Access Check |
|||
Enter a Source IP of an IP on the Internet. |
|||
The FireBrick will then list all the services open to that IP address, e.g.: |
|||
DNS resolver access:- |
|||
This address is not on a local Ethernet subnet and so not allowed access. |
|||
[[Category:Open DNS Resolvers]] |
|||
[[Category:AA Routers]] |
|||
[[Category:FireBrick]] |
|||
Latest revision as of 08:01, 31 October 2021
On a FireBrick 2700 the DNS service defaults to local-only - this prevents access to the FireBrick DNS resolver from the WAN by default.
The setting for this is found in the Web config editor at:
Config -> Edit -> Setup -> General system services -> DNS service settings -> local-only
- Then re-test from the Control Pages: https://control.aa.net.uk/dnsresolvers.cgi
Testing Access
The web interface of the FireBrick can list what services are open, go to
Diagnostics -> Access Check
Enter a Source IP of an IP on the Internet.
The FireBrick will then list all the services open to that IP address, e.g.:
DNS resolver access:- This address is not on a local Ethernet subnet and so not allowed access.