Re: Tracert shows different IP Resolve
- From: "Jim Harrison" <jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 4 Sep 2003 09:11:23 -0700
NSLookup makes its own DNS queries, while other Winsock-based apps rely on
the DNS cache.
Try "ipconfig/flushdns" and "nbtstat -RR" before you use Tracert...
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://www.microsoft.com/isaserver
http://isaserver.org/Jim_Harrison
http://isatools.org
Read the help, books and articles!
----- Original Message -----
From: "William Robertson" <robertson.william@xxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Thursday, September 04, 2003 06:37
Subject: [isalist] Tracert shows different IP Resolve
http://www.ISAserver.org
Hi there
I am trying to access a website on the "public" side of my ISA Firewall, but
it's actually not public because it is then "routed" (I have a PIX managing
my DMZ's) over a WAN link to another company where I then access the private
IP Address of their web server.
I am also hosting a secondary DNS Zone of this other company to allow me to
access their private addresses.
When I do an NSLOOKUP of the website from my workstation, it returns the
private IP Address (172.16.x.x) just fine. When I do a TRACERT it also works
fine.
BUT
When I do a TRACERT on the ISA Firewall, it all of a sudden tries to access
the Public IP Address of this web server. (The NSLOOKUP from the ISA also
returns the private address correctly). This then explains why I cannot
access this website from my IExplorer, but I would like to know how to fix
it.
The DNS of my ISA is setup as follows:
Internal Interface
- Use my own internal DNS with Forwarders set to my ISP
External Interface
- Nothing, both DNS entries are empty
Does anyone have any ideas on how to address such an issue?
Cheers
William R.
_____
William Robertson
AST Mpumalanga
Systems House / Consultant: Software
Tel: 013-2472703 / 083 638 0354
Fax: 013-2462236
---------------------------------------------------------------------
Everything in this e-mail and attachments relating to the official
business of Columbus Stainless is proprietary to the company. It is
confidential, legally privileged and protected by law. Columbus
Stainless does not own and endorse any other content. Views and
opinions are those of the sender unless clearly stated as being that
of Columbus Stainless. The person addressed in the e-mail is the sole
authorised recipient. Please notify the sender immediately if it has
unintentionally reached you and do not read, disclose or use the
content in any way. Whilst all reasonable steps are taken to ensure
the accuracy and integrity of information and data transmitted
electronically and to preserve the confidentiality thereof, no
liability or responsibility whatsoever is accepted if information or
data is,for whatever reason, corrupted or does not reach its intended
destination.
---------------------------------------------------------------------
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*
All mail from this domain is virus-scanned with RAV.
www.ravantivirus.com
^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*
Other related posts:
