Dynamic DNS entries not working for Clients connecting from Multiple subnets

  • Hi,

    We have an SRX 220 which is hosting multiple VLANs for our network.

    We have a Windows 2012 DNS server, which is sitting on Server-vlan.

    There are 5 more VLANs for each user department.

    All 6 VLANs including the Server VLAN are placed in the TRUST-ZONE, and any traffic within the trust zone is allowed.


    The issue we see here is that the SRX is doing inter-VLAN routing properly and passing all the traffic between the VLANs.

    But the issue we noticed is that the dynamic DNS updates to the DNS server placed on the Server VLAN are not working.

    1. Dynamic DNS entries within the same subnet are working; however, when we try to add a PC to the domain on a different VLAN, the PC gets added to the domain, but the dynamic DNS registration for that client is not getting updated on the DNS server.

    2. So in order to troubleshoot the issue, I've replaced the SRX with a Cisco router to check if the SRX is causing the issue, and we found it was working fine when the Cisco router was performing inter-VLAN routing instead of the SRX.

    So we found the issue was with the SRX not allowing these dynamic updates to get through to the DNS server from a different subnet.

    I've allowed any traffic and applications within the trust zone to be permitted, but still this dynamic DNS registration alone is not working.

    Please advise on anything to be done on the SRX to make this dynamic DNS registration work from a different VLAN.


  • Okay, I found the answer myself: it's the DNS ALG causing the issue, so I need to disable it using the below command.

    set security alg dns disable
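
To confirm from packet captures taken on each side of the firewall whether dynamic update messages are crossing it, the DNS header can be decoded: RFC 2136 updates carry opcode 5 rather than the opcode 0 of an ordinary query. The following is an added example, not part of the original thread; the function names and the header-only sample payloads are constructed for illustration, and it assumes the DNS payloads have already been extracted from the captures.

```python
import struct

# Opcode and rcode names from RFC 1035, RFC 1996 and RFC 2136.
OPCODES = {0: "QUERY", 1: "IQUERY", 2: "STATUS", 4: "NOTIFY", 5: "UPDATE"}
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN",
          4: "NOTIMP", 5: "REFUSED"}

def parse_dns_header(payload: bytes) -> dict:
    """Decode the fixed 12-byte DNS header at the start of a DNS payload."""
    if len(payload) < 12:
        raise ValueError("truncated DNS header")
    msg_id, flags, c1, c2, c3, c4 = struct.unpack("!6H", payload[:12])
    opcode = (flags >> 11) & 0xF
    info = {
        "id": msg_id,
        "response": bool(flags & 0x8000),           # QR bit
        "opcode": OPCODES.get(opcode, f"OPCODE{opcode}"),
        "rcode": RCODES.get(flags & 0xF, f"RCODE{flags & 0xF}"),
    }
    # An UPDATE reuses the four counters under other names (RFC 2136, 2.2).
    if opcode == 5:
        names = ("zones", "prereqs", "updates", "additional")
    else:
        names = ("questions", "answers", "authority", "additional")
    info.update(zip(names, (c1, c2, c3, c4)))
    return info

def updates_missing_at_server(client_side, server_side):
    """IDs of UPDATE requests captured on the client VLAN but not on the server VLAN."""
    def update_ids(payloads):
        headers = (parse_dns_header(p) for p in payloads)
        return {h["id"] for h in headers
                if h["opcode"] == "UPDATE" and not h["response"]}
    return sorted(update_ids(client_side) - update_ids(server_side))

# Constructed sample payloads (headers only): one UPDATE request with 1 zone
# and 2 update records, and one ordinary recursive query.
UPDATE_REQ = struct.pack("!6H", 0x1A2B, 5 << 11, 1, 0, 2, 0)
QUERY_REQ = struct.pack("!6H", 0x0001, 0x0100, 1, 0, 0, 0)
CLIENT_SIDE = [UPDATE_REQ, QUERY_REQ]   # capture on the client VLAN
SERVER_SIDE = [QUERY_REQ]               # capture on the server VLAN

if __name__ == "__main__":
    for p in CLIENT_SIDE:
        print(parse_dns_header(p))
    print("missing at server:", updates_missing_at_server(CLIENT_SIDE, SERVER_SIDE))
```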