SRX


Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  dns / dnat issues with external facing dns! dmz static nat issue.

    Posted 01-17-2015 12:03
    Hi guys, I am not sure what is going on. I just need your help a little.

    I have a server in the DMZ with an internal IP address of 10.1.1.3 and an external IP address of 82.70.252.149.

    I have a separate VR and a zone for this DMZ.

    I have a one-to-one static NAT to the internal IP address. I can verify the static NAT is working by using what's my IP.

    The DMZ server is a Windows 2008 server with IIS and a DMZ role installed.

    Within the DNS server I have a zone called "surprisehost.com"; this has several A records created within it.

    E.g. 2x name servers called ns3.surprisehost.com and ns4.

    Also an A record called surprisehost.com.

    On the actual server I can ping the newly created A records; however, when checking the A records from an external source they come back with the internal IP address.

    I don't understand why this is happening. Ideas, anyone?


  • 2.  RE: dns / dnat issues with external facing dns! dmz static nat issue.

    Posted 01-17-2015 18:32

    Hi Cmia,

     

    I think you need to update the A records with the external static NAT IP.

     

    Contact domain name providers for the same.

     

    Regards,

    rparthi
     




  • 3.  RE: dns / dnat issues with external facing dns! dmz static nat issue.
    Best Answer

    Posted 01-18-2015 05:48
    Hi,

    Rparthi, I did some packet sniffs and it seems the SRX was passing out the internal address as well as the external address.

    I decided to remove the static NAT and insert destination NAT from 0.0.0.0/0 to the external IP address. I also made a source NAT from the 10.1.1.3/32 IP address to point to the egress interface to use the 82.70.252.149 IP address.

    I can confirm now the egress IP address is passed through correctly and I no longer have the 10.1.1.3/32 IP address passed through.