[ previous ] [ next ] [ threads ]
 
 From:  "James McKeand" <james at mckeand dot biz>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Accessing NATed service from LAN - is it coming?
 Date:  Tue, 2 Aug 2005 11:09:36 -0500 
Justin Reid wrote:
> On Aug 2, 2005, at 11:32 AM, James McKeand wrote:
> 
>> I assume you are using the DNS Forwarder on the m0n0wall. Have you
>> tried the "overrides" on the DNS Forwarder page? This will allow you
>> to map the "outside URL" to an internal IP. When an internal client
>> queries the
>> m0n0wall for the "outside URL" the m0n0wall will respond with the
>> internal IP. 
> 
> Does this work if I am not using m0n0wall as the DNS server? Also,
> when I access the webserver with lets say 10.0.1.200, then apache
> responds with the outside URL. If I set the override up, would my web
> browser re-lookup the dns every page I go to?

Thus, the assumption that you are using the DNS Forwarder or put a
different way: using the m0n0wall as the DNS server. If you are not
querying the m0n0wall to resolve DNS requests - having anything in the
"overrides" will be useless...

Here is the forwarder override concept:

1) On real DNS www.domain.tld resolves to public IP assigned WAN
interface
2) Inbound NAT translates port 80 & 443 on WAN interface to private IP
(10.0.1.200)
3) DNS Forwarder has an override for www.domain.tld pointing to private
IP
4) Client machine on LAN uses m0n0wall as DNS (or LAN DNS uses m0n0wall
as a forwarder) 
5) LAN Client quires to www.domain.tld are directed to private IP
6) "Outside" client quires to www.domain.tld are directed to public IP


_________________________________
James W. McKeand