something i do that you may or may not be able to use in your situation is to have different a records for the same hostname.
internally, my network uses the main.gaddis.org. subdomain, which doesn't exist outside of the internal network. i run nameservers on the internal side which are authoritative for main.gaddis.org. subdomain. any machine inside the network that looks up (for example) www.main.gaddis.org gets the a record from the internal nameservers, pointing at 192.168.0.x. anyone outside of my network (e.g. on the public internet) that does a lookup for the same host gets redirected to my external ip. then i have 80/tcp port-forwarded into the network to the 192.168.0.x address... if you understand that. ymmv, you may or may not be able to come up with something similar to use in your situation. j. -- Jeremy L. Gaddis <[EMAIL PROTECTED]> <http://www.gaddis.org> > -----Original Message----- > From: Jerome Lacoste (Frisurf) [mailto:[EMAIL PROTECTED]] > Sent: Thursday, February 13, 2003 4:41 AM > To: Gary Turner > Cc: Debian-User > Subject: Re: network problem: configuration/DNS? cannot > access internalmachine using our external IP > > > On Wed, 2003-02-12 at 20:20, Gary Turner wrote: > > Jerome Lacoste (Frisurf) wrote: > > > > >Summary: If I try to connect to an internal server given > its dyndns.org > > >hostname, it works from the outside world, but fails if I try from > > >within our intranet. > > > > > >I have this network configuration > > > > > > E > > > | > > >Internet > > > | > > > | (EXT-IP) > > >** R ** (Firewall) > > > | (192.168.1.1) > > >___|___ > > >| | | | > > >M S M M > > > > > > > > >E: external machine > > >R: router firewall for our intranet > > >S: internal server running Linux (in fact it runs Mandrake 9.0) > > >M: internal machines > > > > > Your gateway/router is working as designed. The internal (LAN) and > > external (WAN/Internet) are kept separated. This means > that no WAN IP > > can try to connect directly with an internal address. Nor > is it allowed > > to use a LAN IP from outside. When you try to connect to > your public > > address from within the LAN, the name resolves to your own > address. So > > the router sees it as an internal address trying to get in, > and that's > > not allowed. > > OK. Is there a trick I can use so that I can access this machine from > inside AND outside our LAN using the same name? > > Would be handy for CVS configuration (which for example keeps > information in CVS/Root) > > Jerome > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
