Posted on 2006-06-28
Currently I have a customer with a website hosted on a webserver on there internal lan. The website can be accessed from the internet but not internally. This is because they have a firewall address in there DSN listed as the www record for the domain name the website uses. One thing that is confusing is that this company's IT guy would put in thier DNS every domain they had purchased. So the windows 2003 domain they use internally is in there with about 3 or 4 others. One of the others is where the website is being published from. I'll refer to it as site.com. In DNS for the zone site.com the www entry pionts to the firewalls outside address. The firewall reserves the internal connection of this address for its web managment console. I changed the www record for the site.com zone and they could access it internally and I could access it from my office. about 20 min. later the site was gone from the internet but still up internally. I changed the record back and it went away from the internal and was back on the internet. I thought the internal dns was only for internal use I didnt realize it propogated records up to the isp's dns. I thought about changing the websites ip address to something other than the firewalls external address but I think the firewall only supports one outside ip. The firewall is a watchguard soho 6.
Any suggestions in how to make the website available internally.
Can and should the dns propogation to the isp's be disabled and if so, how?
Also anyone have any suggested reading to learn more about advanced DNS?