• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 314
  • Last Modified:

Why do i need to have an entry in the local hosts file on PC's inside the LAN that maps to the cag

When users inside the LAN access my citrix access gateway in the DMZ (cag has 2 interfaces - one internal ip one dmz ip) they have to have an entry that maps the internal interface of the cag to its FQDN. It was explained to me why this was - but unfortunatly I have forgotton - Can Someone please explain to me thankyou. I know its a DNS type of issue but just need explanation. - perhaps way arounnd TA
0
philb19
Asked:
philb19
  • 2
  • 2
1 Solution
 
BrattisCommented:
You do not need a entry in local hosts file. If you use internal DNS, just place a Host(A) record for the cag. I guess the reason for this is that you want to use the same fqdn local as on the internet for remote connecting users. Though, if using DNS'es outside your control, you need hosts file entrys.

/Brattis
0
 
philb19Author Commented:
Thanks knew it was along that line - Still a bit confused - I zone transfer my internet zone - from isp to my internal DNS server - so internet lookup for our external dns is done local. In that external DNS zone I do have a host entry for cag - but it maps to the dmz interface of the cag. Why is this not sufficient - it must be working for external users? - but internal users need the internal interface (internal private IP) of the cag mapped to the FQDN (which is in an external zone - ie cag.mycompany.com)?
0
 
BrattisCommented:
What happens if you mannualy create at record in your internal DNS pointing the same fqdn to the internal IP-adress of the CAG? Dont really know if you can get your own recort to take precedence over the transfered record.  But, if it does, this should work for you.

/Brattis
0
 
philb19Author Commented:
i cretaed a new zone in a new windows dns server     company.com.au

put an A host record in - cag.company.com.au    and citrix receiver connected ok

0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now