Hello,
I have been configuring a new firewall for quite some time. And I think I am almost there the only problem is our internal computers can't resolve external names. i.e. can't get google dot com from a computer inside but can get to it using an IP. The interesting thing is that from the firewall itself it resolves names no problem.

So, I have been RTFM'ing all morning but can't find where I should be setting the internal clients to use my ISP's name server for the names.

My resolv.conf:
search mydomain.com
nameserer xxx.xxx.xxx.1
nameserer xxx.xxx.xxx.2

Is it an IPTABLES thing or some other routing thing? And how do I fix it.

Thanks.

It's possible that it might be an iptables issue. Try telneting to port 53 of the DNS servers. If you don't get a connection, then look in to your iptable rules.

When I telnet to my first DNS address I get: "Could not open connection to the host, on port 53: Connect failed." However, with the second DNS I connect fine. (Could be just a problem with my ISPs first DNS?)

Yeah, chances are good it's just your ISPs DNS goofing up.

I'd just delete the entry that isn't working, or move it to the bottom.

Also, you'll want to check out your nsswitch.conf file too, that's where the computer will know in what order it should try doing DNS.

This is the section that you're ineterested in ( example of mine )

#hosts: db files nisplus nis dns
hosts: files dns

Files checks /etc/hosts, dns uses the stuff in resolv.conf

If you can telent on port 53 to your DNS servers, then you should be resolving, try using dig www.google.com as well ( assuming you can connect )...that should work.