Use the DNS forwarder on the firewall to establish a IP to FQDN for your host. Make sure the
"domain" in general settings is the same, and do that for the /etc/resolv.conf so that it knows the
correct domain and has the m0n0wall set as a resolve host. Your external DNS, what ever that is
going to be, would have the external IP to FQDN for the public... but do not use this as a resolve
host for your internal LAN. If you want to run a local DNS cache server, do that with another IP
address and tell it to forward requests for your internal domain name to the m0n0wall.
On Dec 18, 2009, at 5:59 PM, Joey Morin wrote:
> i'm almost certain this is not a problem with m0n0wall, nor with my config,
> but this list seems the best place to start.
> i've got a server behind a m0n0. i need to be able to reach it by the same
> name internally as externally. the dirty solution i've used in the past is
> to create a dns forwarder entry for the external domain with an empty host
> field, and to create inbound nat entries for each service that i need access
> to (http, ftp, etc...). this is an acceptable solution, since i have only
> one server behind the m0n0. if i had servcies running on more than one
> machine, i couldn't use this trick.
> this worked fine with my old slackware server. i could point to
> http://my.domain from an internal machine, and dns served up the internal ip
> of my server. from an external machine, the same url would get me to the
> same internal server via nat.
> now that i've switched to ubuntu server, it doesn't work anymore.
> i've confirmed that dns forwarding works. from an internal machine i can
> ping the machine by hostname:
> $ ping hostname
> PING hostname.my.domain (192.168.0.2) 56(84) bytes of data.
> 64 bytes from hostname.my.domain (192.168.0.2): icmp_seq=1 ttl=64 time=1.53
> however, when i try by domain:
> $ ping my.domain
> PING my.domain (192.168.0.2) 56(84) bytes of data.
> --- my.domain ping statistics ---
> 45 packets transmitted, 0 received, 100% packet loss, time 44320ms
> note that when pinging by domain, the resolved ip is correct, but no packets
> are returned.
> so it looks like ubuntu doesn't like the mis-match. slackware didn't have
> the problem. the problem is the same whether i try an unbuntu client or a
> windows xp client.
> any ideas what the problem is, or how to fix it?