Public Address went internal

Posted on 2006-04-15
Last Modified: 2010-04-09
I have some websites I am hosting.  However they are being hosted using one to one nat.  So when I am using external dns it looks for the public address, but for some reason I cant lookup my websites via the public addresses, I dont know if the firewall is blocking the loop or what, when I am outside the network, I can view the websites no problem, but internally Its not showing up . I am using a watchguard x500 .. any ideas ?

Question by:focusen
    LVL 51

    Expert Comment

    by:Keith Alabaster
    Are you hosting your own DNS as well or is that held by the ISP?

    Author Comment

    well our dns is hosted outside the network , so our ip addresses sare something like this


    our dns = 209.222.313.x

    so we are using a public address as our dns server, but its hosted outside , we can add records to it, but we dont want to .  I think my firewall sees a loop and is blocking it.

    Author Comment

    those numbers were just examples not real !
    LVL 51

    Expert Comment

    by:Keith Alabaster
    So you don't have an internal dns server?
    Is port 53 UDP traffic allowed out through the watchguard?
    LVL 32

    Accepted Solution

    Your firewall is probably preventing it to go outside and come back in using the natted address. Something like;

    Server (>Mapped to x.x.x.x)-----------Firewall (Nat)---------Internet.

    So when you try to access your webserver, the dns server returns the address as x.x.x.x and then you try to connect to it. But you are trying to connect to x.x.x.x using a natted outgoing connection which the firewall might block.

    If you try to access the websites using the local ip addresses within internal network and *IF* it works, you have 2 solutions;

    1. Install a DNS Server inside to your domain and have an alias command to point the webservers to the local ip + provide this server as the dns server to all your internal machines.

    2. Update the hosts file on all the machines to include the webserver resolution to the local ip address.

    Depending on your network, you can choose which one to fit.


    Featured Post

    Courses: Start Training Online With Pros, Today

    Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

    Join & Write a Comment

    Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
    This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    25 Experts available now in Live!

    Get 1:1 Help Now