On Thu, 2003-09-18 at 12:17, John C. Voigt wrote: > Hi, > > I'm in the process of setting up our network at work, as the Feds unplugged our old > one. We have a Cisco PIX 515 firewall (not ours) between the router and our LAN with > a DMZ port. > > I have a DNS server in the DMZ to answer external queries. DNS is NATted from an > external IP (68.72.56.147) to the DMZ (192.168.100.0/24). The DNS is supposed to > answer queries from the outside address, and allow zone transfers to our off-site > secondary. The strange thing is that a query to the DNS server from itself > (poplar.reclamation.dnr.state.in.us) gives it's correct address (68.72.56.147). From > our secondary and other nameservers "out there", it resolves to it's DMZ address, > which of course, is non-routable. > > Any help to point me in the right direction on how to correct this would be most > appreciated. >
Why do you have a class C subnet address on the DNS box, anyway? If it is in the the DMZ, it stands to reason that it is outside your protected subnet.Why not leave it with a routable IP and just point your private boxes at it through the gateway? -- burns _______________________________________________ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users
