On Jul 18, 2009, at 1:08 AM, Clue Store wrote:
I have several domains pointed various
ip's in a /27 (public block). I have one internal webserver inside
of my
network. I would like to be able to map the several outside IP's to
one
inside IP of my web server and perform DNS doctoring via the ASA so my
inside hosts can use a DNS server outside of my network and still be
able to
get to the domains
Not a good idea - an attacker can breathe on it, and it'll fall over,
instant DoS. Sticking servers behind firewalls, and NATting them, to
boot, is extremely poor security practice.
-----------------------------------------------------------------------
Roland Dobbins <[email protected]> // <http://www.arbornetworks.com>
Unfortunately, inefficiency scales really well.
-- Kevin Lawton
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
