I suspect it's the spoofing setting. I think your ext interface may be
rejecting your int ip address. If you put in the ip add instead, the packets
never route out to the firewall anyway. But I agree with the other post,
internal dns is the way to go for many reason. :)
Rgrds,
Wong.
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Parthiv Shah
> Sent: Wednesday, November 03, 1999 5:07 AM
> To: [EMAIL PROTECTED]
> Subject: Question: NAT on solaris 2.6
>
>
> Hello,
> I have setup a Check point firewall on Solaris 2.6 and this is how I am
> doing NAT for my web server.
> i.e. 1.2.3.4 is in bound ip and 10.2.3.3 is out of bound ip.
> I created arp entry and static route for 1.2.3.4 on the fw.
> Also, I created a rule for NAT on the fw.
>
> By doing all of the above when users from Internet go to
> http://www.companyname.com the rule is working fine and the users
> are going to the appropriate web server (My dns for the web is
> pointing to the in band ip address 1.2.3.4.)
> But when users from inside the fw (who are on the segment 10.2.3.x) trying
> to connect to the website the DNS is resolving to IP 1.2.3.4 and they are
> trying to connect to webserver and it is FAILING. On the other
> hand if they
> put IP of 10.2.3.3 in there URL it's working fine. Any idea?
> thoughts? May
> be there should be some special trick for DNS side or something?
>
> Thanx in advance,
> Parthiv
> [EMAIL PROTECTED]
> http://www.netadmin.net
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
