Can access OWA externally but not internally

I am running Exchange 2000 Ent. on two backend servers and have a front-end server as well. My PIX firewall has a static NAT that forwards traffic from the outside to my OWA server which is on my LAN. Accessing the OWA server works outside the firewall. However, OWA does not work internally except to enter in ip_address/exchange. I thought about creating a CNAME record on my DNS server to resolve my OWA server URL except my internal AD domain name is different than my public domain name. Is there a way to create a rule in my firewall that will redirect to my internal OWA server?
wmorlett Asked:

Sembee Commented:
You cannot route traffic back on itself in the firewall.
Therefore you will have to set up a split DNS system. This is where you have a local copy of the DNS information internally, which contains a mix of internal and external addresses.

I have more information on what you need to do here:

http://www.amset.info/netadmin/split-dns.asp

Simon.
0
BrianClark72403 Commented:
Assuming you have an internal DNS server set up, can you just add a zone that pretends to be your external domain and then put the internal IP address in?

To test though, add 'yourexternaldnsname.company.com' to your HOSTS file with the internal ip.

e.g.

192.168.0.50    outlookweb.mycompany.com

I've got a client whose domain is 'something.local.'  On their primary internal DNS server I've created a zone called 'something.com' and then put in the internal ip address for 'www.internal.com' for the similar scenario.
0
BrianClark72403 Commented:
I meant www.something.com (sorry) - also you can't route traffic intended for the inside of a PIX back over the inside of a PIX.
0
wmorlett Author Commented:
I was able to solve the problem by using the following command on my PIX:

static (inside,outside) PUBLIC_IP INTERNAL_IP dns netmask 255.255.255.255 0 0

PUBLIC_IP = PUBLIC IP address of OWA
INTERNAL_IP = PRIVATE IP address of OWA
0
modulo Commented:
PAQed with points refunded (125)

modulo
Community Support Moderator
0
