On 23/08/2010 16:07, Giles Coochey wrote: > On Mon, August 23, 2010 17:03, Gabriel Tabares wrote: > >> On 23/08/2010 14:48, Giles Coochey wrote: >> >>> On Mon, August 23, 2010 15:43, Gabriel Tabares wrote: >>> >>> >>>> On 23/08/2010 13:28, Joseph L. Casale wrote: >>>> >>>> >>> The problems can sometimes be caused by not having reverse-DNS records >>> for >>> your hosts. Can you resolve to names (any name) from an IP address? >>> e.g. nslookup 10.2.9.2? >>> >>> It doesn't matter if it doesn't resolve to the rigt name, just that it >>> resolves to something (and avoids the timeout)... >>> >>> >>> >> They don't resolve to anything: >> >> Server: 10.2.2.254 >> Address: 10.2.2.254#53 >> >> Non-authoritative answer: >> *** Can't find 2.9.2.10.in-addr.arpa.: No answer >> >> Authoritative answers can be found from: >> >> > Can you contact the network / DNS admins and ask them to create PTR > records in the in-addr.arpa zone for your hosts? > If not, someone posted a workaround for this for your nsswitch.conf file. > > As I said - it doesn't normally matter what they set it to, except perhaps > for email smart-hosts / gateways, just that the reverse lookups exist. > > > I will look into this. I am the network admin but, for the first time, we are using the firewall for DNS and it seems that it may be a lot more picky about resolution and way less configurable. It only proxies or resolves for a list of known hosts. I might end setting up an internal DNS server, as it will probably be easier than troubleshooting the firewall (how I hate firewall and their closed OSs!). Thanks for your help Gabriel