Internal Clients Can't see NAT'd FQDN

[SacEdog]

I saw a couple of threads on this, but none of them seem to have the right answer for my situation. Here is our setup:

- Primary DNS for zone mywebsite.com through outside provider
- Secondary DNS for zone mywebsite.com on AD Server on internal private network
- DNS A record points

http://www.mywebsite.com

to a public IP on our firewall
- Our firewall NATs that public IP to the private IP of the internal server
- Clients on the internal network cannot get to

http://www.mywebsite.com,

since the A record is pointing to the public IP

Unfortuantely, I cannot add or change records on our internal DNS server for that zone, since it is set up as a secondary zone.

Any ideas how I can get internal clients to "see" the internal server by using the same record name? (They can get to the server using the IP or \\servername).

The reason I want to use the same record name is due to a bunch of Smart Phones our sales staff just got. They are set up to sync with our Exchange server over cellular ( outside of our network). As soon as they bring them into the office, and plug them into their computers via USB, Active Sync uses the computer's network connection to sync. Due to that, the phones wont sync with the Exchange server when plugged into USB.

 

[lgarner]

Depends on your firewall. This is normal for the Pix below version 7.

I'd set up the internal DNS server as the primary and have internal clients use it. It would mean that some updates might have to be done on both the internal and ISP DNS servers, but the public DNS probably doesn't change often.