I need the guest laptop to have internet access, but not access to the trusted side of the network. Do I have to stand up another DNS server on the DMZ side to make this happen?

Linksys is on DMZ interface, workstations/PDC is on trusted interface, TWC is untrusted interface.


I've also set up rules on the juniper for all DNS traffic to pass through from the DMZ to the trusted and untrusted interfaces, in an attempt to solve this. It's not working.

The DMZ interface has source NAT enabled.

[Edited on January 29, 2013 at 11:37 AM. Reason : more]

1/29/2013 11:19:32 AM

try pinging a public ip, 206.190.36.45 which is yahoo's ip. If it works, then manually set your dns on your laptop to 208.67.222.222 and 208.67.220.220 which is opendns.coms dns servers.

[Edited on January 29, 2013 at 11:59 AM. Reason : .]

[Edited on January 29, 2013 at 12:00 PM. Reason : ..]

1/29/2013 11:57:55 AM

Quote :

"If it works, then manually set your dns on your laptop to 208.67.222.222 and 208.67.220.220 which is opendns.coms dns servers."

if it works set the dns on the WRT to that so you can have your guests' laptops use automatic settings

1/29/2013 12:11:10 PM

Ignoring the firewall, you need to put your DNS server on both networks and then set up internal and external views. Either that, or you need to point the laptop at a DNS server on the Internet, either manually or with different DHCP server config. It could also be that your DNS server isn't configured to respond to requests coming from that DMZ network.

1/29/2013 12:16:55 PM

boom. fixed. forcing opendns on the dmz clients worked.

1/29/2013 1:04:04 PM

^^^^just FYI, 8.8.8.8 is a public IP address, specifically for the primary Google Public DNS server (secondary is 8.8.4.4)

1/29/2013 6:34:30 PM