Welcome, Guest. Please login or register.
Did you miss your activation email?
Sunday 24 November 2024, 08:48:26 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  Traffic out primary IP to another IP on same unit...
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Traffic out primary IP to another IP on same unit...  (Read 11629 times)
kristiandg
Jr. Member
*
Offline Offline

Posts: 3


« on: Saturday 09 October 2010, 05:57:43 am »

Good afternoon all.  I'm having another odd issue with Endian that I'm hoping has an easy fix.....

In most networking environments, the internal domain doesn't match the external domain (domainname.com/domainname.local).  Because of this, when someone on the inside tries to open a webpage like "webmail.ndomainname.com", it is forced to resolve externally.  Now, this doesn't bother me - I actually want it to resolve externally because its hitting a URL redirection to turn it into the appropriate Exchange URL (domainname.com/owa).  In my case, my internet traffic goes out the primary interface address, and webmail comes in on a secondary external IP address.

However, Endian doesn't allow the connection, presumably because the initial connection is coming from another IP address ON ITSELF...

Is there any way to fix this?

Help!!!
Logged
irvinehooi
Jr. Member
*
Offline Offline

Posts: 7


« Reply #1 on: Friday 29 October 2010, 01:02:41 pm »

Hi, may be you should try the "Incoming Routed Traffic" under the "Firewall" menu.
This is very useful if you have more than one external IP address and want to use some of them in your DMZ / host a server without having to use NAT.

Hope this can help you.

Thanks.
Logged
hickmanr
Full Member
***
Offline Offline

Posts: 17


« Reply #2 on: Thursday 04 November 2010, 11:25:51 pm »

What I do is configure an extra forward lookup zone on my internal DNS for my external domain name. Therefore my network users still see the same URLs while inside, but it keeps all the traffic on my internal network.

To try to clarify better, I run a private DNS server, with records for all my internal hosts, and a public DNS server, with records for my public hosts. For my private DNS server I add another forward lookup zone for domain.com. That private forward lookup zone has nearly identicle entries as the public DNS server for domain.com except everything is entered with internal IPs (i.e. 10.x.x.x). In addition the private DNS doesn't require some records such as MX.

Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com