We have a PIX firewall and We are thinking to move our external DNS server to our DMZ. We're using DNS Doctoring:
static (dmz,outside) DMZ_server1_public_IP DMZ_server1_private_IP netmask 255.255.255.255 dns
static (dmz,outside) DMZ_server2_public_IP DMZ_server2_private_IP netmask 255.255.255.255 dns
If I specify our DMZ hosts private IP address to the DMZ DNS server, It will work fine when an external user try to resolve a DNS name. For example, if an external user try to resolve our server1 DNS name, He will get the correct public IP address or He will get the private IP address specified in the DNS server?
This is more a DNS question than a firewall question. The querying device would receive whatever IP address you have configured in the zone file. If you have your private IPs configured, that's what it would get in response.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...