I would suggest to make your puppet master available on the net or via a firewall forwarding, and then configure your puppetmaster/firewall to only accept connections from those IPs that belong to your clients.
I assume your clients all have static IP's otherwise you would not have floated the internal DNS idea. This works very well for me for a number of services that I have internally, like my email servers. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
