On Tue, 2004-08-24 at 03:39, Travis Fraser wrote: > On Mon, 2004-08-23 at 17:29, Mike Burger wrote: > > On Mon, 23 Aug 2004, Rodolfo Alcázar wrote: > > > > > From: "Mike Burger" <mburger@xxxxxxxxxxxxxxxxx> > > > > > > > On Mon, 23 Aug 2004, Rodolfo Alcázar wrote: > > > > > > > > > > Errr, this is a classic case for a split DNS setup, you need to setup > > > > > > DNS to point to it's DMZ interface on/within the firewall, or just add > > > > > > it in the hosts file, don't try to connect to the external interface > > > > > > and use the NAT, it don't work that way. I could be wrong. > > > > > > > > > > > > Yang > > > > > > > > > > Thanks, Yang. I didn´t heard about split DNS setup. I will try it. Best > > > > > regards. > > > > > > > > In the meantime, you can use something like this (I used this until split > > > > DNS came into play on my network): > > > > > > > > $IPTABLES -t nat -A PREROUTING -i internal-interface -d > > > your.external.ip.address -j DNAT --to your.internal.destination.IP > > > > $IPTABLES -t nat -A POSTROUTING -o internal-interface -d -s > > > your.internal.netowrk/netmask -j SNAT --to firewall's.internal.ip.address > > > > -- > > > > Mike Burger > > > > http://www.bubbanfriends.org > > > > > > Thx, mike. This is the solution I was expecting for, but I think the split > > > DNS is my right answer. I will do the same as you, use this rules in the > > > meantime. Best regards. > > > > Happy to help. > > > > If you need an example of a split DNS config, let me know. I'm using it, > > now, in lieu of the routing routing option. > > -- > > Mike Burger > > Hi Mike, > > I would like to see the split-DNS config. This thread is very timely for > me as I am setting up the exact arrangement in my network. > > Thanks, > Travis Fraser Hi Mike, I am also interested in having a look at the split DNS config. Thanks, Saket
