Cannot access public IP of NAT'd internal server - from within

Status
Not open for further replies.

leethao

MIS
Feb 20, 2003
4
US
What is the best solution here? I host some web servers locally that have internal IPs (10.x.x.x), which are then NATed by the router and published to the inet with public IPs. I also have a public domain name that resolves to these ext IPs. Internally I have a different domain name, which only internal PCs use to resolve internal names. This is hosted on a Win2000 AD server with dynamic DNS.

The problem is when internal users try to access the public domain names for access to servers hosted thru the NAT. These requests are serviced by external public DNS servers that resolve to the ext public IPs, which are not accessible internally. The router is Linux using iptables for NAT.

---> 30.4.5.6
|
NAT
|
--> 10.0.0.1
(those on 10.x.x.x can't access 30.4.5.6)
(10.x.x.x resolve to 30.4.5.6)
(if resolve to 10.0.0.1, suffice)

Is there a way to make these ext IPs internally accessible? Or can I add the external public domain to my internal server so that all requests for the public dom name resolve to the proper internal server (IP)? Is this good practice?
 
Set up the public domain names with the internal IP addresses in your DNS server, and as long as your clients are set up to use the internal DNS server first for name resolution, this should work for you.
 
How would this affect servers that are actually hosted externally?

Will Win2000 DNS server let me specify 'ftp.public.com --> 30.4.5.7' (external reference), to direct internal requests to the correct host?

Will the internal DNS server still forward the requests for the public dom name out to public name servers if a public host isn't listed? Or will I have to manage the entire public domain name locally as well, i.e. MX, SOA, etc.?
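
Added example, not part of the original thread: a small Python model of how a DNS server that is authoritative for a zone and also has forwarders decides where an answer comes from, applied to the split-DNS setup discussed above. It assumes standard authoritative behaviour (a name inside a locally hosted zone is answered from zone data only and is never forwarded); `www.public.com` and the zone layouts are constructed, while `ftp.public.com`, 30.4.5.6, 30.4.5.7 and 10.0.0.1 follow the thread.

```python
# Toy model of zone selection on an internal DNS server with forwarders.
# Illustration only: it models the decision logic, it is not a DNS server.

PUBLIC_DNS = {  # what the external name servers answer (constructed sample data)
    "www.public.com": "30.4.5.6",   # NAT'd to 10.0.0.1 on the inside
    "ftp.public.com": "30.4.5.7",   # genuinely hosted externally
}

def resolve(name, local_zones, forwarder=PUBLIC_DNS):
    """Return (source, answer) for a query sent to the internal server."""
    name = name.lower().rstrip(".")
    labels = name.split(".")
    # Walk from the full name towards the root: the most specific
    # locally hosted zone that contains the name wins.
    for i in range(len(labels)):
        zone = ".".join(labels[i:])
        if zone in local_zones:
            # Authoritative for this zone: answer from zone data only.
            # A record missing here is NXDOMAIN; nothing is forwarded.
            record = local_zones[zone].get(name)
            return ("local", record if record else "NXDOMAIN")
    # No local zone covers the name, so the query goes to the forwarder.
    return ("forwarded", forwarder.get(name, "NXDOMAIN"))

# Option A: host the whole public domain internally, internal IPs only.
WHOLE_DOMAIN = {"public.com": {"www.public.com": "10.0.0.1"}}

# Option A, maintained: external hosts copied into the internal zone by hand.
WHOLE_DOMAIN_FIXED = {"public.com": {"www.public.com": "10.0.0.1",
                                     "ftp.public.com": "30.4.5.7"}}

# Option B: one small zone per NAT'd host name, record at the zone apex.
# Every other name under public.com still reaches the public servers.
PER_HOST = {"www.public.com": {"www.public.com": "10.0.0.1"}}

def demo():
    layouts = [("whole domain", WHOLE_DOMAIN),
               ("whole domain + copied records", WHOLE_DOMAIN_FIXED),
               ("per-host zones", PER_HOST)]
    for label, zones in layouts:
        for host in ("www.public.com", "ftp.public.com"):
            print(f"{label:32} {host:16} -> {resolve(host, zones)}")

if __name__ == "__main__":
    demo()
```

Under these assumptions, hosting all of `public.com` internally means every externally hosted name (and MX and other records internal clients need) has to be duplicated in the internal zone, whereas per-host zones override only the NAT'd names.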

 