My set up is as follows:
Internet ----> eth0 -192.139.*.* - ISP's DNS resolves to http://eros.myisp.com Eth0 ----> eth1 =(LOC zone)- 192.168.1.26 LOC windows box Eth0 ---> eth2 =(DMZ zone)- 192.168.2.26 DMZ Linux server
I have my rule set set up so that my loc zone can connect to my DMZ. Now for my question: Is there a way I can set this up so that I can connect from my loc zone windows client to my web server in my DMZ with http://eros.myisp.com <http://eros.myisp.com> as opposed to having to connect to it with http://192.168.2.26 <http://192.168.2.26> ? Am I missing something in my configuration? Or is this the way things should be?
Whether your LAN host "should be" able to connect to your DMZ Web server depsends on many things, involving both how you handle DNS and how your rules are set up. But before any of this matters, the URL http://eros.myisp.com needs to be resolvable in and of itself ... which it is not, as of about 5 minutes ago, from here:
[EMAIL PROTECTED]:~$ host eros.myisp.com
eros.myisp.com does not exist, try again
[EMAIL PROTECTED]:~$Once that works, it is mainly a matter of making sure that your LAN clients resolve the address correctly to your secret external address. Someone expert in Shorewall can comment on any specific ruleset issues; I can tell you that my Linux-based router here (not Bering/Shorewall) has no difficulty doing what you want yours to do.
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
