Bill, I thought so too, BUT I am doing that with another client. I just do
not know how that particular client's ISP handles that. I am certain that
there is a way to do it.
In summary, if a client has an external DNS name and address which points
back to an internal IP and host, there is a way for it to go to the external
DNS and have it come back internally - public to private mapping.
"Bill Grant" <not.available@online> wrote in message
news:(E-Mail Removed)...
> No, you can't do that. A NAT/PAT device will not route private traffic
> out to the public side then back in again. What you have to do is arrange
> your DNS so that the machines on the private LAN resolve the web site's
> name to its private IP. It is a name resolution problem, not a routing
> problem.
>
> Jordan Turner wrote:
>> PIX Firewall with Windows 2003 DNS
>>
>> We have a web server that can be accessed at WEB.DOMAIN.COM
>> internally. We have an external DNS record for this at
>> WEB.DOMAIN.ORG. Users from the outside can access WEB.DOMAIN.ORG,
>> but users internally can NOT go to WEB.DOMAIN.ORG. Basically, it
>> can't go public IP and then private IP from internal users. For
>> external users it can. I can create a new DNS Zone for this .ORG
>> address but that is too much manual work.
>> From DNS perspective, Stub Zone and Forward Zone will not currently
>> work because we can't loop back in. New Zone works because we are
>> pointing to internal only - but is too much manual work - 85+ static
>> names and IPs to maintain.
>>
>> Is there something on the PIX firewall to enable this functionality of
>> allowing traffic to go out then come back in? What is this
>> terminology?
>> Thanks.
>
>
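The split-DNS arrangement Bill Grant describes (internal clients resolve the public name to the private IP), sketched as an added example that is not part of the original thread: it builds an internal-only zone for the .ORG name from the A records already kept in the internal .COM zone, so the 85+ entries are generated rather than typed. Host names, addresses, the name server name and the serial are constructed for illustration; the output is standard zone-file text.

```python
import ipaddress

# RFC 1918 ranges; ipaddress.is_private is broader (it also covers documentation nets).
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: records exported from the internal .COM zone (made-up hosts and IPs).
INTERNAL_RECORDS = """\
web       IN A 10.1.1.20
mail      IN A 10.1.1.25
; decommissioned hosts removed
intranet  3600 IN A 10.1.2.30
ftp       IN A 203.0.113.9
www       IN CNAME web
"""

def parse_a_records(text):
    """Return [(host, IPv4Address)] for A records; skip comments, blanks, other types."""
    records = []
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()
        if len(fields) < 3 or "A" not in fields[1:-1]:
            continue
        try:
            addr = ipaddress.IPv4Address(fields[fields.index("A", 1) + 1])
        except ValueError:
            continue  # malformed address: leave it out rather than publish it
        records.append((fields[0].lower(), addr))
    return records

def build_internal_zone(records, zone, ns_host, serial):
    """Return (zone_text, skipped_hosts). Only RFC 1918 targets are published."""
    lines = [
        f"$ORIGIN {zone}.",
        "$TTL 3600",
        f"@ IN SOA {ns_host}. hostmaster.{zone}. {serial} 3600 600 86400 3600",
        f"@ IN NS {ns_host}.",
    ]
    skipped = []
    for host, addr in records:
        if any(addr in net for net in RFC1918):
            lines.append(f"{host} IN A {addr}")
        else:
            skipped.append(host)  # not a private target: report for manual review
    return "\n".join(lines) + "\n", skipped

if __name__ == "__main__":
    # ns_host and serial are assumptions for the example.
    zone_text, skipped = build_internal_zone(
        parse_a_records(INTERNAL_RECORDS), "domain.org", "dns1.domain.com", 2024010101)
    print(zone_text, "skipped:", skipped)
```

Once the internal DNS server is authoritative for the .ORG zone, any name missing from that zone stops resolving for internal clients, so the skipped list needs a decision for each host rather than being ignored.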