02-21-2002 11:11 PM - edited 02-20-2020 09:59 PM
Hi,
Everything is fine when DNS is Outside. If I place a DNS in INSIDE, I am not able to even browse and it does not resolve.
I have enabled fixup protocol domain 53, static mapped, access-list for UDP configured.
Where am I wrong?
I am using the alias command for my INSIDE web servers. Do I need to remove alias and check?
Please help.
02-22-2002 01:06 AM
Rajan,
First - disable fixup DNS; that's not for your scenario.
Second - your DNS server should not be NATed, or it'll be definitely non-authoritative and "possibly" lame.
Place it on the DMZ and use "nat 0" with proper access lists.
Third - it's recommended to disable the zone transfer to all except the servers listed as NS for that zone.
Fourth - be sure that you have the latest BIND (Unix/Linux/etc) or NT2K with the latest security patches installed.
02-22-2002 02:52 AM
Thanks.
I have an internal network of 10.10.X.X in Local.
I have NATed: nat (inside) 1 0 0 0 0
I have a web server which is NATed, and its local IP is 10.10.1.135.
My local DNS server IP is 10.10.3.150. Can I just add nat (inside) 0 10.10.3.150 255.255.255.0 0 0
Is it possible?
I don't have a DMZ right now. Is it not possible to place DNS in INSIDE?
I am using Windows 2000 Advanced Server for DNS.