You can put it in either place, but I would put it
behind the PIX. You can create a conduit for it
and only allow it to use port 53 (tcp and udp).
I hope you have more than one dns server. And if
you don't already use the split dns concept, I'd
give that some serious thought.
kelly
Quoting Austin <[EMAIL PROTECTED]>:
We have our own Web Server with a legal ip address which is NAT'd (is that a
word?) from our LAN to the outside?
Where do I put the DNS Server? Behind the PIX on the LAN (inside interface)
or the outside interface?
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
