Shorewall users - Oct 2008 - DMZ network without setup split dns, aka access public ip in dmz from local

HI all,

I have beed build linux firewall, with 3 interface, local, internet
and dmz. I was use one to one nat for dmz net. And I must setup split
dns for user access server form local network. So Is there any other
technic, so we can''t use split dns for local user.

Kurniadi

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer''s
challenge
Build the coolest Linux based applications with Moblin SDK & win great
prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/

kurniadi wrote:
>I have beed build linux firewall, with 3 interface, local, internet
>and dmz. I was use one to one nat for dmz net. And I must setup split
>dns for user access server form local network. So Is there any other
>technic, so we can''t use split dns for local user.
Check the docs on the website again - there is a FAQ on how to NAT 
the local users so that the server sees them all as coming from the 
firewall, and the local users see the server on the public address.

However, I''d say it''s far cleaner to setup split DNS -
it''s quite
simple, clean, logical for your local users, and avoids natting local 
traffic between the local machines and your local server.

-- 
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer''s
challenge
Build the coolest Linux based applications with Moblin SDK & win great
prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/