tshinder -> RE: Discussion about article on ISA firewalls protecting illegal TLDs (3.Feb.2006 12:55:29 PM)
First, thanks for the great article you posted. It really helps a lot.
Second, I have a question about DNS configuration on the Exchange server.
We have one Exchange server acting as the primary mail server, providing
POP3, RPC/HTTP, and OWA services to clients and replicating mail with other
sites via the intranet.
This mail server is also responsible for delivering mail to the Internet via
SMTP. I would like to ask how to set up DNS for this Exchange server.
If I choose the internal DNS, then there's no way to resolve the internet domain.
If I select the external DNS, the communication to the GC/DC would fail
(it would try to get LDAP data from the Internet because the domain name of the remote office
is resolved to a public one).
Same thing happens if I point the DNS to the internal interface of ISA server.
The Exchange server is attached to the internal network (1 subnet only), as is
the DC/DNS server. But the default gateway is directed to the internal interface of
the ISA server (for SMTP mail delivery). A static route to the internal network is added
to compensate for the strange default gateway.
Any suggestions would be greatly appreciated.
You should use an internal DNS server that is configured to resolve both internal and external names.
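
One way to verify the setup recommended in the reply above, as an added example that is not part of the original thread: it asks a single internal DNS server for the Active Directory locator records and for an Internet MX record, then flags any other resolver configured on the mail server. The server address and domain names are placeholders, a single-domain forest is assumed, and the cmdlets come from current Windows versions.

```powershell
# Added example. All default values are placeholders, not values from the thread.
param(
    [string]$InternalDns    = '10.0.0.10',         # assumed internal DC/DNS server
    [string]$AdDomain       = 'corp.example.com',  # assumed AD DNS domain (single-domain forest)
    [string]$ExternalDomain = 'example.org'        # assumed Internet mail domain to test
)

function Test-DnsAnswer {
    param([string]$Name, [string]$Type, [string]$Server)
    try {
        # -DnsOnly keeps LLMNR/NetBIOS from masking a DNS failure.
        $answers = @(Resolve-DnsName -Name $Name -Type $Type -Server $Server -DnsOnly -ErrorAction Stop |
            Where-Object { $_.Section -eq 'Answer' -and $_.Type -eq $Type })
        [pscustomobject]@{ Name = $Name; Type = $Type; Resolved = ($answers.Count -gt 0); Detail = "$($answers.Count) record(s)" }
    } catch {
        [pscustomobject]@{ Name = $Name; Type = $Type; Resolved = $false; Detail = $_.Exception.Message }
    }
}

$results = @(
    # Internal: records Exchange uses to locate a DC and a GC.
    Test-DnsAnswer -Name "_ldap._tcp.dc._msdcs.$AdDomain" -Type 'SRV' -Server $InternalDns
    Test-DnsAnswer -Name "_gc._tcp.$AdDomain"             -Type 'SRV' -Server $InternalDns
    # External: works only if the internal server forwards or recurses to the Internet.
    Test-DnsAnswer -Name $ExternalDomain                  -Type 'MX'  -Server $InternalDns
)
$results | Format-Table -AutoSize

# Any resolver other than the internal server can hand back public answers
# for internal names, which is the GC/DC failure described in the question.
$foreign = Get-DnsClientServerAddress -AddressFamily IPv4 |
    ForEach-Object { $_.ServerAddresses } |
    Where-Object { $_ -and $_ -ne $InternalDns } |
    Sort-Object -Unique

if ($foreign) { Write-Warning "Other DNS servers configured on this host: $($foreign -join ', ')" }
if ($results.Resolved -contains $false) {
    Write-Warning 'The internal DNS server did not answer every query; check its forwarders or root hints.'
} else {
    Write-Output 'The internal DNS server resolves both internal and external names.'
}
```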