access the server by name not ip address

iqbalkhan · ‎11-22-2005

I have pix firewall with Dmz zone.

inside pix Ip: 192.168.10.1

dmz IP: 172.16.20.1

Now i have a file server in inside which ip 192.168.10.10

and name the file server fserver.

From access dmz to file server i do static map

static (inside,dmz) 172.16.20.5 192.168.10.5

Now DMZ useres can access the file server by ip address 172.16.20.5.

example: \\172.16.20.5

they can also ping 172.16.20.5.

now i want dmz users can ping fserver and access the server type the name fserver example \\fserver instant of Ip address. it is possible if possible then how i can do it .

pls help me.

jason.drury · ‎11-22-2005

This is probably not a firewall issue rather a dns issue. Can you ping "fserver" from your internal network and it resolves to the correct ip? If so, are your servers in the DMZ using the same DNS servers? If no to either question, you can add hosts entries (doesn't matter if it's Windows or Unix) on the servers/computers that need to resolve this to the ip address.

If your servers in the DMZ are setup with DNS the same as your internal hosts, and you can ping "fserver" from the inside, but not the DMZ, then you probably need to allow dns requests through your firewall (udp port 53) to the dns servers. If this is the case, then no DNS should be working.

a.kiprawih · ‎11-22-2005

This is more or less DNS issue where you need to add the server to your DNS.

Alternative way is to manually add the server name and IP to client's host file. But this is only practical for small number of clients. DNS is more preferred.

Rgds,

AK

iqbalkhan · ‎11-22-2005

thanks,i check it now