DNS Doctoring
Attempting to access external webserver from internal network. Internal/External DNS is the same. Creating a new DNS zone for www not working as the webserver is stripping the www. How does DNS Doctoring work on the Firebox?
Comments
If your goal is to access an internal web server using the public IP addr of that web server:
1) for a web server on a different firewall interface than the devices trying to access it, use NAT loopback
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/nat/nat_loopback_static_c.html?Highlight=nat loopback
2) for a web server on the same firewall interface as the devices trying to access it
Solution #1:
Add a NAT -> Dynamic NAT entry
From: Trusted To: public IP addr of server
Set Source IP: the firewall interface IP addr to which the server and workstations are connected
Solution #2:
Add a new unused subnet to the firewall interface to which the server is connected, as a Secondary.
Change the IP addr of the server to one from this new subnet.
Change your policies to reflect the new IP addr of the server.
Set up NAT loopback as in 1) above
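
The following is an added example, not part of the original comment and not WatchGuard code: a simplified Python model of generic NAT behavior showing why a same-interface server needs the source-IP rewrite from Solution #1, while a client on a different interface or subnet (case 1, or the effect of Solution #2) works with NAT loopback alone. All addresses and the `hairpin` function are constructed for illustration.

```python
import ipaddress

# Constructed addresses (RFC 1918 / RFC 5737 ranges); none come from the thread.
LAN = ipaddress.ip_network("10.0.1.0/24")  # subnet shared by server and client
FW_LAN_IP = "10.0.1.1"        # firewall interface IP on that subnet
SERVER_PRIV = "10.0.1.10"     # web server's private address
SERVER_PUB = "203.0.113.10"   # public address that DNS returns
CLIENT = "10.0.1.50"          # workstation on the same interface as the server


def hairpin(client, snat_to_firewall):
    """Trace one request and reply through a simplified NAT loopback.

    Returns (accepted, hops). accepted is True only when the reply reaches
    the client from the public address it originally contacted.
    """
    # 1. Client sends to the public address via its default gateway (firewall).
    src, dst = client, SERVER_PUB
    hops = [("client->fw", src, dst)]
    # 2. Firewall rewrites the destination and, optionally, the source.
    dst = SERVER_PRIV
    if snat_to_firewall:
        src = FW_LAN_IP
    hops.append(("fw->server", src, dst))
    # 3. Server replies to the source address it saw.
    reply_src, reply_dst = SERVER_PRIV, src
    if reply_dst != FW_LAN_IP and ipaddress.ip_address(reply_dst) in LAN:
        # On-link destination: delivered directly, bypassing the firewall,
        # so the source is never translated back to the public address.
        hops.append(("server->client", reply_src, reply_dst))
    else:
        # Reply passes through the firewall, which reverses the translations.
        hops.append(("server->fw", reply_src, reply_dst))
        reply_src, reply_dst = SERVER_PUB, client
        hops.append(("fw->client", reply_src, reply_dst))
    accepted = reply_src == SERVER_PUB and reply_dst == client
    return accepted, hops


if __name__ == "__main__":
    for label, client, snat in [
        ("same interface, no source NAT", CLIENT, False),
        ("same interface, source NAT to firewall IP", CLIENT, True),
        ("client on another interface", "10.0.2.50", False),
    ]:
        ok, hops = hairpin(client, snat)
        print(f"{label}: {'works' if ok else 'fails'}")
        for hop in hops:
            print("   %-15s src=%-13s dst=%s" % hop)
```

In the failing case the client receives a reply from the server's private address for a connection it opened to the public address, so its TCP stack discards it.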