On 2016-11-22 c0l0nelFlagg wrote:
Do you use dynamic DNS (usually via DHCP) so that you can use the names you assign on each computer to access each other on the network? Or even assign them statically on the local DNS server. Are they set up to update the DNS for your top-level domain, or a subdomain? Seeing your DNS zone files might help if you can paste them.
Yes the smoothwall firewall PC runs as a dhcp server. For permanent local LAN connections though it serves up reserved IP addresses based on the MAC address asking to be assigned an IP address when it first
That's the DHCP side. You can also usually assign a name in BIND/named (if that's what smoothwall uses) to go with a static-MAC IP address in dhcp. It might already be doing this.
Again, how are you referring to computerA from computerB, say for Windows file sharing? \\computerA\myshare ?? or by IP address \\192.168.0.11\myshare ??
The local network is not assigned a domain name; instead it just runs with default localdomain settings. Basically runs in a peer-to-peer workgroup fashion.
OK, that should make things easier and rule out weird domain-based name issues.
I have a similar setup but I use a home-brew Linux firewall and have carefully set up DNS to have both a valid "internal view" for local computers to register their names with, and a separate "external view" for outside-world users to use.
Do you have a link to a blog or tutorial web site on setting this up?
Setting up a complete home-brew firewall? That's a non-trivial exercise, though there probably should be some good Google hits to get you started. Most people would probably recommend using a pre-made Linux firewall distro, though I'm not sure what the names of those are these days. Maybe smoothwall is one of them? Personally, I'd build one myself for supreme customization, but trust me it'll take a lot of time and learning and tinkering.
As for just setting up dual views for DNS in BIND, there's a ton of tutorials on that out there. Just search for "bind dns internal external views". Though you need a somewhat recent BIND version on your box to do that.
Oh ya, your problem could also just be that you should not have a 2ndary or 3rdary DNS set on the clients that point to the outside world. This could cause programs to timeout longer than they have
The above is really key... I strongly recommend you do this before anything else... get rid of all outside DNS server references except on your firewall. It might fix all your problems without having to do anything else!
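
An added example, not part of the original post and not the poster's own configuration: a BIND `named.conf` layout for the internal/external views described above. The zone names, file paths and the 192.168.0.0/24 range (inferred from the 192.168.0.11 address in the thread) are assumptions, and it assumes the DHCP server runs on the same box and sends its dynamic updates from 127.0.0.1.

```conf
// Constructed example: zone names, paths and address ranges are assumptions.
acl "lan" { 127.0.0.1; 192.168.0.0/24; };

options {
    directory "/var/named";            // assumed zone-file directory
};

// Once any view is defined, every zone must live inside a view.
// Views are matched in order, so the LAN view comes first.
view "internal" {
    match-clients { "lan"; };
    recursion yes;                     // LAN clients resolve everything through the firewall

    zone "lan.example" {               // hypothetical internal-only zone
        type master;
        file "internal/lan.example.zone";
        allow-update { 127.0.0.1; };   // dynamic updates from the local DHCP server only
    };

    zone "0.168.192.in-addr.arpa" {    // reverse zone for the LAN
        type master;
        file "internal/192.168.0.rev";
        allow-update { 127.0.0.1; };
    };
};

view "external" {
    match-clients { any; };
    recursion no;                      // authoritative answers only, never an open resolver

    zone "example.com" {               // hypothetical public zone, no internal hostnames in it
        type master;
        file "external/example.com.zone";
    };
};
```

With this layout, internal hostnames never appear in answers given to outside clients, and the LAN clients list only the firewall as their DNS server. `named-checkconf` validates the file before BIND is reloaded.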