can't access public website from within web server domain, need to force NAT

From: Will (will_at_nootron.com)
Date: 06/10/04

• Next message: John: "Unwanted WINS traffic"
• Previous message: Steven L Umbach: "Re: Hosting DNS locally"
• Next in thread: Phillip Windell: "Re: can't access public website from within web server domain, need to force NAT"
• Reply: Phillip Windell: "Re: can't access public website from within web server domain, need to force NAT"
• Reply: Steven L Umbach: "Re: can't access public website from within web server domain, need to force NAT"
• Messages sorted by: [ date ] [ thread ]

---

Date: 10 Jun 2004 08:09:14 -0700

Greetings. I have set up a cluster of 3 win2k3 machines to serve up
public websites. They are all part of one domain, with one machine
acting as the DC/DNS server.

My problem is that FROM THE MACHINES THEMSELVES I cannot access the
public websites that the servers are serving up. The reason is
because i have a firewall that uses NAT to convert public IP requests
to a non-routable subnet (e.g. 63.254.267.15 -> 192.168.10.10) and
requests from behind my firewall are not routed back out and in
through the firewall.

So I am forced to edit the system32/drivers/etc/host files to map
"mycompany.com" to 192.168.10.10 so that I can browse the websites
from within the domain. (I need to do this because we have one machine
consuming webservices from the other machine and it is doing so by
domain e.g. xml.mycompany.com/someservice.asmx/getdata).

Is this a DNS issue? Or is this perhaps a problem with my firewall
setup? Is there a way w/ DNS or other networking configurations to
force these internal http requests to go outside the firewall so they
can be NAT'ed and served up correctly? Or is the hosts file my only
solution?

Thanks for your help with this!

Will

---

• Next message: John: "Unwanted WINS traffic"
• Previous message: Steven L Umbach: "Re: Hosting DNS locally"
• Next in thread: Phillip Windell: "Re: can't access public website from within web server domain, need to force NAT"
• Reply: Phillip Windell: "Re: can't access public website from within web server domain, need to force NAT"
• Reply: Steven L Umbach: "Re: can't access public website from within web server domain, need to force NAT"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: Windows 2003 external nslookup times out, internal works ... My firewall does not log responses to DNS (or any other ... ports), only the initial requests. ... (microsoft.public.windows.server.dns) Re: [fw-wiz] Win 2003 and PiX ... - Use a different firewall (the option I recommend, ... Turn off DNS fixups on the PIX (make sure you're not using their DNS ... > its DNS requests, apparently using RFC 2671 to specify the ability to ... > accept>512 byte UDP replies. ... (Firewall-Wizards) Re: [opensuse] DNS not responding through firewall ... through the firewall. ... I can get DNS ... requests to respond from the server from the local LAN, ... The firewall is off on the DNS server. ... (SuSE) [opensuse] DNS not responding through firewall ... through the firewall. ... I can get DNS ... requests to respond from the server from the local LAN, ... The firewall is off on the DNS server. ... (SuSE) Re: Network Firewall/Routing Solution ... Cisco router w/ Firewall IOS, ... > not working properly at all with multiple network cards. ... > I will need to deal with inbound web and ftp requests from the ... > non-pasv connections. ... (comp.security.firewalls)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)