This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web server in DMZ

Is there a way that I can provide name resolution (for web browser purposes) of a web server in DMZ if ASL box is used as http proxy server?

I know I can do it with a hosts file on each LAN machine but is there a better way? (There is no internal DNS server)

I thought an entry in /etc/hosts on ASL box might do the trick but this obviously only applies to the ASL box itself and is obviously not utilised by the squid proxy and hence the LAN machines.

Any help shedding some light on this probably silly request is very welcome.

This thread was automatically locked due to age.

0 eldorado over 23 years ago

hi mr b

try to enable the DNS proxy on ASL, "tell" your webserver in the dmz that his nameserver is ASL, and in DNS proxy forward the requests to your ISP DNS server.

That's it! (I hope, someone correct me if I'm wrong)

by
eldorado
Cancel
Vote Up 0 Vote Down

Cancel
0 mr b over 23 years ago in reply to eldorado

hi eldorado

Many thanks for your reply.

The DNS proxy on ASL was already enabled and forwarding requests to ISP DNS server - but I hadn't told my DMZ webserver to use it for DNS resolution. I changed this and it can now resolve external domains like all the internal pcs.

However, I still cannot resolve any machinename.mydomain.co.uk, but wouldn't that rely on the external ISP DNS server registering all internal machine IPs to a FQDN? Which isn't gonna happen given the fact that they all effectively appear to be the same ip address (ie that of the ASL box?)

Maybe I'm being a total nonce and if so I apologise.

Thanks for yor input - much appreciated.
Cancel
Vote Up 0 Vote Down

Cancel