A firewall... you think? :) -----Original Message----- From: Leonard Lee [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 19, 2002 9:13 AM To: NT 2000 Discussions Subject: RE: DNS issue
So it sounds like you have one or a few Class C IP addresses to play with. Not a problem. Yes, continue to work towards creating a Private IP space for the internal network. In the meantime, you need to secure the internal environment by placing a firewall system in place...ASAP. Regards, Leonard Lee -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Pham, Tuan Sent: Tuesday, March 19, 2002 8:16 AM To: NT 2000 Discussions Subject: RE: DNS issue Don't ask, but we don't have private IP scheme, we're going to. This is what I have: Internet side | \------>Router| ----> mcw.edu (BIND-Primary) - This is Forwarder (static Internet IP) | | | \----> Internal Network | (Windows NT 4.0 Domain use BIND as prefer DNS) | | \-----> dc1.win.mcw.edu (W2K DNS&AD-Primary) This is Forwarding (Static Internet IP) | \----> (W2K Domain uses W2k DNS as prefer DNS) There is no zones transfer between BIND and W2K DNS. What would you think? -----Original Message----- From: Leonard Lee [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 19, 2002 6:13 AM To: NT 2000 Discussions Subject: RE: DNS issue I am assuming you have something like this: Internet side | /-----> dc1.win.mcw.edu \---------->Router| (static Internet IP) | \-----> Firewall| (Static Internet IP) | | | \----> Internal Network | (Private IP Subnet 1 - RFC 1918) | \--> DMZ (Private IP Subnet 2 - RFC 1918) What you need to do is remove the static Internet IP from dc1.win.mcw.edu and move it into Subnet 1 or Subnet 2...all depends on what the server is suppose to do. Cheers, Leonard Lee -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Pham, Tuan Sent: Monday, March 18, 2002 3:21 PM To: NT 2000 Discussions Subject: DNS issue I'm still playing around with my W2K AD and DNS, and come across this issue. I have BIND is my corperate DNS(non-AD) and W2k(AD) DNS as my internal. Can you guys do "nslookup dc1.win.mcw.edu" from your end? and explain to me that you should or should not see what you see? In another word, Is my DNS expose to the world? ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
