Hi everybody,
First of all I want to congratulate all of you for the professionalism
and helpful knowledge you share in this Forum... I have just been a
reader of all your experiences for 3 years... and know i need your
help...
This is my net,
PIX-Fw (Failover)
Site A: Intranet--------Router--------PIX-Fw------- Internet
(207.x.x.x)
(172.x.x.x) |
|
DNS (DMZ)192.x.x.x
And this is my problem,
I have just moved my DNS to a DMZ on a PIX firewall... The firewall has
a conduit from the internet by a static NAT ip address...
All my PC's on my intranet have as primary DNS the one from the DMZ...
and reach the internet by dynamic NAT translation...
When the users want to go to any place to the internet there's no
problem... but when they want to go to our own WWW page the DNS look for
the address (207.x.x.x) and can't reach it... it looks like the PIX do
not permit to see the static address from a dynamic address on the same
net.
Do any one know if there's something else i have to configure on the PIX
so it can let the dynamic addresses to see the static address????....
BTW, On my DNS server I can�t announce the internal address because the
NIC take as primary DNS both addresses the static and the internal...
and we were monitoring the NIC's DNS and it switch both addresses so it
make a delay to all in the internet who want to reach our Web because
they can't fine the internal address...
I hope I'm clear... sorry my few English...
I wait for your comments... thanks in advance..
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
