0

I have a server in a client's network, separated from theirs with a router/firewall. The intention is to have this server available through one hostname (example.com).

My idea is to have (at least) a DNS server on the outside, to have outside (out of the clients' network) access the internal server. The problem would at that point be the internal client (PC A).

[Image: example]

My question: What would I have to do to make something like this work? Is it even possible or already done? The goal is to not have to change anything on either PC A or PC B, while both should access the same "internal server" while surfing to "example.com".

Perhaps adding logic to the DNS server would work (Detect the external IP of internal client [PC A] is the same as the IP for example.com -> Give the local IP as reply?)

Anyhow: Thanks for helping me think on this!

cpf
  • Split DNS suggestion below is correct, don't use example.com though, remote.example.com (or similar) will be much easier. – Ed Fries Dec 09 '10 at 06:55
  • Yeah, our idea was to have a clientname.example.com solution, like dyndns in a way, because most clients will have dynamic IPs. – cpf Dec 09 '10 at 08:25

1 Answer

3

You are basically talking about a split-DNS where some hosts are handled by an internal DNS and some by the external. This can be done by running a small DNS server inside the firewall with the local IP of the server. That DNS should then forward all other requests to the "real" DNS.

If the router has DNS built in, you could add the entry there.

Another option would be a hosts file entry on the inside PCs that points to the server. All other requests would go to DNS (but you mentioned not wanting to touch the PCs).

\\uSlackr

uSlackr
  • Unfortunately both changing the hosts file and changing the router would change the clients' network (or computer), which we're trying to avoid. At the very least, we're trying to give the client the flexibility of (e.g.) changing ISPs without having to inform us (so we can put a new router or similar); we shouldn't have the need to configure the client computer or router in any way (if at all possible of course). – cpf Dec 09 '10 at 08:23
  • If you use an internal DNS and have the clients point to it, how would that prevent them from changing ISPs without telling you? Problem is you are eliminating possible (maybe all) solutions. DNS resolution is between the client and the DNS server. You have to intercept or break it to change the results. – uSlackr Dec 15 '10 at 01:35
  • We didn't intend to put hardware in the client network in any way; preferably, this would all work externally. Now, to clarify: Would it be possible to have an external DNS server internal IPs? – cpf Dec 15 '10 at 18:22
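
The split-DNS decision discussed in this thread (reply with the local IP when the query comes from the site's own public address, with the public IP otherwise), sketched as an added example that is not code from the question or the answer. The hostname, addresses and function names are constructed placeholders, and the code models only the answer selection, not a DNS server. It assumes the external server sees the client's real source address, which does not hold when PC A resolves through its ISP's recursive resolver (third case below).

```python
import ipaddress

# Constructed sample data: hostname and addresses are placeholders, not from the page.
ZONE = {
    "clientname.example.com": {
        "public": "203.0.113.25",   # client's current WAN address (dynamic-DNS style)
        "private": "192.168.1.10",  # server's address inside the client's LAN
    },
}

def select_answer(qname, source_ip, zone=ZONE):
    """Return (address, view) for an A query, or None if the name is not ours.

    view is "internal" when the query's source address equals the site's own
    public address (the asker sits behind the same NAT), else "external".
    """
    record = zone.get(qname.rstrip(".").lower())
    if record is None:
        return None  # not our name; a real server would refuse or forward
    src = ipaddress.ip_address(source_ip)
    if src == ipaddress.ip_address(record["public"]):
        return record["private"], "internal"
    return record["public"], "external"

def update_public(qname, new_ip, zone=ZONE):
    """Dynamic-DNS style update after the client's WAN address changes."""
    ipaddress.ip_address(new_ip)  # raises ValueError on malformed input
    zone[qname.rstrip(".").lower()]["public"] = new_ip

if __name__ == "__main__":
    name = "clientname.example.com"
    # PC A queries the external server directly from behind the client's NAT.
    print(select_answer(name, "203.0.113.25"))
    # PC B queries from elsewhere on the Internet.
    print(select_answer(name, "198.51.100.7"))
    # PC A uses its ISP's recursive resolver: the server sees the resolver's
    # address, the comparison fails, and PC A is handed the public address.
    print(select_answer(name, "192.0.2.53"))
```

Some resolvers and routers with DNS rebinding protection discard private addresses in answers from public DNS, so the "internal" reply may not reach PC A even when the source-address match succeeds.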