On Wednesday 02 November 2005 02:53 pm, JC wrote:
> Hi everyone,
>
> I have this problem that I'm not sure what's the best solution for it. I
> need your input & help...
>
> I have an internal network behind a hardware firewall. All traffics go
> thru. the firewall. One of the firewall's rules is that it doesn't allow
> internal network accesses internal resources that travels outside then
> come back. In the other words, it drops all packets originate from inside
> the network that travels outside and then come back to access internal
> resources.
>
> For example: I have web server (used internal ip 10.1.1.10) behind the
> firewall, internal network can access this web server with
> http://10.1.1.10, but they can't access http://www.mydomain.com. Assume
> that I have static IP (xxx.xxx.xxx.xxx) maps to 10.1.1.10 and dns record
> www.mydomain.com points to xxx.xxx.xxx.xxx
>
> What I want is to allow users inside the network be able to access
> http://www.mydomain.com instead of http://10.1.1.10
>
> Here is my question:
> should I change the rule of the firewall? If so, is there a security
> risk?
>
> Is there any other solution for this?
>
> By the way, I don't have an internal DNS, I use my ISP DNS service.
>
> Thank you so much for your help,
> JC
Modify the hosts file of your clients to point
10.1.1.10 to www.mydomain.com
Under windowsXP, open the file here: C:\WINDOWS\SYSTEM32\DRIVERS\ETC with
notepad.
add in a line:
10.1.1.10 www.mydomain.com
