[ previous ] [ next ] [ threads ]
 
 From:  "David Kitchens" <spider at webweaver dot com>
 To:  "'m0n0wall -'" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] DNS forwarder
 Date:  Wed, 16 Sep 2009 16:26:34 -0400
Ah... well then it sounds like your apache isn't listening on that ip for
the root domain. The forwarder is not the issue, if engfiles.test.com works
which is the FQDN, something else is causing this. 

  _____  

From: Crisman, Ryan [mailto:rcrisman at tentec dot com] 
Sent: Wednesday, September 16, 2009 4:16 PM
To: David Kitchens
Cc: m0n0wall -
Subject: Re: [m0n0wall] DNS forwarder


No I do not own test.com just using it as an example and no this server is
not accessible from outside everything is internal only.

Ryan Crisman
MIS/IT/Webmaster Manager
Ten-Tec, Inc.
1185 Dolly Parton Parkway
Sevierville TN, 37862



On Wed, Sep 16, 2009 at 3:56 PM, David Kitchens <spider at webweaver dot com>
wrote:


If the engfiles site is on the same server as the main website then this is
not a monowall config issue. I'm going to assume its a linux box for
example, apache is setup to run on that ip address for all its sites, you
have mono configured to let http in from outside so test.com is visible,
when you send an http request from the LAN, it's apache that is sorting out
which site to go to, from the outside, you haven't let engfiles.test.com to
be allowed. For this to work as you want, you will need to put engfiles on a
different internal ip than test.com and redo your forwarder to point them to
separate ip's. Apache is sitting there and giving you test.com because thats
what was asked for when you really want engfiles.test.com to resolve locally
for the request. They must be on different IP's for that to work, you are
then spoofing apache, however, your real site will no longer be available
from inside using test.com, you can add a forward for www.test.com but
internal clients asking for test will always go to engfiles.

 _____


From: Crisman, Ryan [mailto:rcrisman at tentec dot com]

Sent: Wednesday, September 16, 2009 2:52 PM

To: David Kitchens
Cc: m0n0wall -
Subject: Re: [m0n0wall] DNS forwarder


I made an entry with just the Domain and IP filled out and it still goes to
the website and not the server.

Host       Domain       IP
engfiles   test.com     192.168.1.107      WORKS!!!
             test.com     192.168.1.107      Does not Work

Ryan Crisman
MIS/IT/Webmaster Manager
Ten-Tec, Inc.
1185 Dolly Parton Parkway
Sevierville TN, 37862



On Wed, Sep 16, 2009 at 2:41 PM, David Kitchens <spider at webweaver dot com>
wrote:


If you put an entry in the forwarder with nothing in the host field, and put
test.com in domain as you have, it should point test.com to the internal ip
of the server, assuming it is inside the firewall of course. Is
engfiles.test.com on the same physical box as test.com? You have to have an
entry for every host you want to resolve.

 _____


From: Crisman, Ryan [mailto:rcrisman at tentec dot com]

Sent: Wednesday, September 16, 2009 2:30 PM

To: David Kitchens
Cc: m0n0wall -
Subject: Re: [m0n0wall] DNS forwarder


Okay that works, but is there a way when I type in test.com it goes to the
server and not some website.

Ryan Crisman
MIS/IT/Webmaster Manager
Ten-Tec, Inc.
1185 Dolly Parton Parkway
Sevierville TN, 37862



On Wed, Sep 16, 2009 at 2:30 PM, David Kitchens <spider at webweaver dot com>
wrote:


What happens if you type in http://engfiles.test.com? That is the address
you need to have local workstations point to.


 _____


From: Crisman, Ryan [mailto:rcrisman at tentec dot com]

Sent: Wednesday, September 16, 2009 1:37 PM
To: David Kitchens
Cc: m0n0wall -

Subject: Re: [m0n0wall] DNS forwarder


This is what i am doing and this is what i see

http://rcrisman.net/test.jpg

the second is test.com

the bottom its what i should see when i type test.com

router is 192.168.1.1 and the DNS address on my computer is 192.168.1.1

Ryan Crisman
MIS/IT/Webmaster Manager
Ten-Tec, Inc.
1185 Dolly Parton Parkway
Sevierville TN, 37862



On Wed, Sep 16, 2009 at 12:33 PM, David Kitchens <spider at webweaver dot com>
wrote:


 Ryan,
In the dns forwarder page, the first line is for the hostname, put the
actual internal server name in the host box, ie:servername. I use the
forwarder a lot and it works wonderfully but if you just use the domain
without a hostname things may not work like you expect if you have more than
one host.

Dave


-----Original Message-----
From: Crisman, Ryan [mailto:rcrisman at tentec dot com]

Sent: Wednesday, September 16, 2009 12:01 PM
To: m0n0wall -
Subject: Re: [m0n0wall] DNS forwarder

Yes all computers are using the firewall as the DNS server.

Ryan Crisman
MIS/IT/Webmaster Manager
Ten-Tec, Inc.
1185 Dolly Parton Parkway
Sevierville TN, 37862


On Wed, Sep 16, 2009 at 11:43 AM, Paul Rae <
paul at impacttrainingsolutions dot co dot uk> wrote:

> Works fine here, are you sure your clients are using the firewall for
> their dns? If they are using another dns server then it won't work and
> you will need to override it there.
>
>
> On 16/09/2009 16:24, "Crisman, Ryan" <rcrisman at tentec dot com> wrote:
>
> > I know about that , but when i do put an entry there it does not work.
> >
> > Lets say i put in tentec.com and ip of 192.168.1.199 (internal
> > server)
> and i
> > go to the browser and type tentec.com i get our website and not the
> internal
> > server.
> >
> > Ryan Crisman
> > MIS/IT/Webmaster Manager
> > Ten-Tec, Inc.
> > 1185 Dolly Parton Parkway
> > Sevierville TN, 37862
> >
> >
> > On Wed, Sep 16, 2009 at 10:27 AM, Lee Sharp <leesharp at hal dash pc dot org> wrote:
> >
> >> Crisman, Ryan wrote:
> >>
> >>> Okay so we have to modify the hosts files on the computer.  Thanks
> >>>
> >>
> >> No, you can do it in the firewall, but in a different part.  Up
> >> above
> where
> >> it says "Host Domain IP Description" is where you need to be working.
> >>
> >>                        Lee
> >>
> >>
> >> -------------------------------------------------------------------
> >> -- To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> >> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >>
> >>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch