We have just switched ISPs and our DMZ has not taken it well. We have a web server (also our DNS server) and mail server in the DMZ using NAT and are aliased. I can ping both the web server and mail server using the nat addresses in the DMZ however we can no longer access them (ping) using the global (aliased) addresses. We have need for this because we have a form on the web server that emails information from the web server to the mail server. From our internal network we can ping both the global (aliased) and NAT addresses. How can I get the DMZ servers to recognize the global addresses?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
DMZ & DNS
- Thread starter tjkenobi
- Start date
rubbaninja
MIS
Since you switched ISP's you have to use your new ip's you purchased from them, if any. You have to adjust anything that was in relation to your old ISP. Since I don't know where your having problems my guess is your namespace from your old ISP is buh bye (meaning check DNS, not internal DNS either). Go to SamSpade.org and do some research. When we switched ISP's we had to reconfigure everything. You can't expect to work the same with the same information.
Good luck.
Good luck.
- Thread starter
- #3
HI.
You should try to reboot all related servers and the pix, or at the minimum try to restart services like DNS server.
This is because some out dated info might have been cached.
I'm also sure that you can find an alternate and better solution that will not use global addresses, and such will eliminate the need for the alias command.
For example - installing SMTP server on the web server that will be configured to send all mail destined for your company to the internal mail server address. (This SMTP service will be used internally, not openned for spammers from outside).
Some changes in your DNS server can also help unless it provides DNS also for external users/servers. Is it?
Bye
Yizhar Hurwitz
You should try to reboot all related servers and the pix, or at the minimum try to restart services like DNS server.
This is because some out dated info might have been cached.
I'm also sure that you can find an alternate and better solution that will not use global addresses, and such will eliminate the need for the alias command.
For example - installing SMTP server on the web server that will be configured to send all mail destined for your company to the internal mail server address. (This SMTP service will be used internally, not openned for spammers from outside).
Some changes in your DNS server can also help unless it provides DNS also for external users/servers. Is it?
Bye
Yizhar Hurwitz
- Thread starter
- #5
johannugroho
Vendor
configure the router behalf the PIX to statically route the subnet of global address to the PIX.
read PIX FAQ on cisco website
read PIX FAQ on cisco website
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question