General discussion

Locked

Name resolution

By D_unafraid ·
HI All
We have registered some public IP address with our full domain name

from the external (anywhere out of my company)when I sent a ICMP request to the site name, I have the site name resolve into a public address which is correct.

back internally, when I try to sent a ICMP request to the site name, I got nothing. I try putting a A records into the DNS server, which I guess it not suppose to be the right thing to do. I have forwarders configured inthe DNS, what else am I missing out?

Thank

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by BFilmFan In reply to Name resolution

Your internal and external namespaces are different?

Are you NATing between the public and private networks?

A good site for a quick review is:
http://www.stamey.nu/DNS/DNSHowItWorks.asp

Collapse -

by D_unafraid In reply to Name resolution

Yes, I have static Nat mapping on the private and public, by the wa, that was a damn good article
Thank

Collapse -

by scottsman In reply to Name resolution

Can you ICMP other websites from inside? Many ISP's are blocking ICMP these days...

Collapse -

by D_unafraid In reply to

Yes, I can ICMP to other site, example www.yahoo.com and etc.
I just to be sure that it not a issue with the firewall

Collapse -

by D_unafraid In reply to Name resolution

new finding
from the router(connected to the internet) i cannot ping to the public address i used for my static nat. after i configure a default route to point to my PIX internal address. i manage to sent ICMP from the router
I telnet to the PIX and after sending a few ICMP to the public address i got a no response.

so now i know at least the firewall seem to be the one causing the problem

Collapse -

by loptr.chaote In reply to Name resolution

Are you sure that it's the name resolution that is the problem? Try using commands like host or nslookup to verify.

It sounds to me like this could be caused by your firewall (or someone else's) not allowing ICMP traffic.

Back to Security Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums