The DNS setup as follows. The reason for the way it is setup is due to a pre-existing network segmentation by 2 PIX firewalls. There is a DNS for each PIX.
The DNS of the internal PIX does resolution for clients within its PIX segment. Basically when clients from the internal PIX do a ping or nslookup for server.internalpixdomain.publicdomain.com, the DNS of the internal PIX would resolve it. If the clients from the internal PIX want to nslookup for
server.externalpixdomain.publicdomain.com, tne DNS of the internal PIX would forward it to the DNS of the external PIX which would resolve it and send it back. Now if the clients from the internal PIX want to nslookup google.com, then the DNS of the internal PIX would forward it to the DNS of the external PIX which would then forward it to the publis DNS which would resolve it and send it back recursively. Similarly when clients from the external PIx would try to
resolve on the DNS of the external PIX first before being forwarded to the public DNS.
Now, I cant touch the PIX or the network setup, but I can make changes on the DNS of the internal PIX and the DNS of the external PIX. The clients DNS for the clients on the internal PIX is setup in the following order,
DNS of internal PIX
DNS of external PIX
public DNS
My question!! server.internalpixdomain.publicdomain.com is listed on the DNs of the internal PIX in the zone of internalpixdomain.publicdomain.com. A client from internal PIX segment can do a lookup for it and be returned an IP from the DNS of the internal PIX. Now, internalpixdomain.publicdomain.com is a server on the internal PIX segment and externalpixdomain.publicdomain.com is a server on the external PIX segment, the translated IPs of which is listed on the public DNS. But when clients try to do a lookup on the these server, they are not returned a value. When they do a lookup of other servers in publicdomain.com, they are returned a value, but not for these servers though. So how do I make this happen?? Since I can do a lookup for publicdomain.com as well as servers on publicdomain.com, when I set the client DNS directly to publicdomain.com, I kinda thought there must be a way to make this happen. The internal PIX DNSs are Win2K3. What am I missing here??
Kindly advice. Links to articles which would help me understand the above would be great as well!!
Thanks.
The DNS of the internal PIX does resolution for clients within its PIX segment. Basically when clients from the internal PIX do a ping or nslookup for server.internalpixdomain.publicdomain.com, the DNS of the internal PIX would resolve it. If the clients from the internal PIX want to nslookup for
server.externalpixdomain.publicdomain.com, tne DNS of the internal PIX would forward it to the DNS of the external PIX which would resolve it and send it back. Now if the clients from the internal PIX want to nslookup google.com, then the DNS of the internal PIX would forward it to the DNS of the external PIX which would then forward it to the publis DNS which would resolve it and send it back recursively. Similarly when clients from the external PIx would try to
resolve on the DNS of the external PIX first before being forwarded to the public DNS.
Now, I cant touch the PIX or the network setup, but I can make changes on the DNS of the internal PIX and the DNS of the external PIX. The clients DNS for the clients on the internal PIX is setup in the following order,
DNS of internal PIX
DNS of external PIX
public DNS
My question!! server.internalpixdomain.publicdomain.com is listed on the DNs of the internal PIX in the zone of internalpixdomain.publicdomain.com. A client from internal PIX segment can do a lookup for it and be returned an IP from the DNS of the internal PIX. Now, internalpixdomain.publicdomain.com is a server on the internal PIX segment and externalpixdomain.publicdomain.com is a server on the external PIX segment, the translated IPs of which is listed on the public DNS. But when clients try to do a lookup on the these server, they are not returned a value. When they do a lookup of other servers in publicdomain.com, they are returned a value, but not for these servers though. So how do I make this happen?? Since I can do a lookup for publicdomain.com as well as servers on publicdomain.com, when I set the client DNS directly to publicdomain.com, I kinda thought there must be a way to make this happen. The internal PIX DNSs are Win2K3. What am I missing here??
Kindly advice. Links to articles which would help me understand the above would be great as well!!
Thanks.