Topic: DNS Request Resolving to Internal IP Address - Need Help  (Read 2582 times)
« on: November 14, 2007, 20:58:51 »
duffy327 *
Posts: 1

I'm running monowall 1.231 with two interfaces, one set up with an external IP and one for the local network.

Our domain is a .edu and registered with educause. We have the following NS entries with educause:
  • ns1.itu.edu - external IP
  • ns2.itu.edu - external IP

We have an internal server which is running the following services:
  • ssh
  • http
  • dns
  • pop3
  • imap
  • smtp

The following is set up in Monowall:


NAT:

  • 22 - internal server IP
  • 25 - internal server IP
  • 80 - internal server IP
  • 110 - internal server IP
  • 143 - internal server IP
  • 53 - internal server IP

Aliases:
  • mail - external IP
  • ns1 - external IP
  • ns2 - external IP
  • www - external IP

DNS Forwarder
  • our domain - internal server IP


The Problem:

When I do a lookup for our domain it resolves to an internal IP address which from the internet means nothing to a browser. Internally everything is working correctly, but nothing works externally.

Expected Outcome:

Our domain and the specific services in the NAT section above to get resolved to our external IP. For the services to be open to the public as well as internally.

Perhaps I'm not too clear when you combine NAT, Aliases, and DNS forwarding as to which is pointing which way. My understanding is that NAT takes an external request and forwards it to an internal IP. Aliases are entries that will allow requests to resolve. DNS forwarding allows requests to get sent to our internal DNS server.
« Reply #1 on: November 15, 2007, 16:22:07 »
markb ****
Posts: 331

I'm not too sure that I fully understand what the problem is. However, looking at it from externally, mail, ns1, ns2 and www at itu.edu all resolve to 64.50.102.62, which I assume is the external IP address of your monowall, as it should be. You will get problems from internally, as you will not be able to access NAT'd services from your LAN using the external IP address. Check out http://doc.m0n0.ch/handbook/faq-lannat.html. You will be much better off separating out your internal DNS and external DNS resolution.
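
An added example, not part of either post and not m0n0wall code: a small audit of the split the reply recommends, checking that the external DNS view never publishes RFC 1918 addresses and that the internal view does not send LAN clients to the NAT'd external address. The host names, addresses and record lines are constructed placeholders.

```python
import ipaddress

# Explicit RFC 1918 list: ipaddress.is_private also covers documentation
# ranges such as 203.0.113.0/24, which would misclassify the sample data.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample answers ("name TTL class type value"), not from the thread.
# 203.0.113.10 stands in for the firewall's external IP, 192.168.1.10 for the
# internal server.
EXTERNAL_VIEW = """\
www.example.edu.  3600 IN A 203.0.113.10
mail.example.edu. 3600 IN A 192.168.1.10
ns1.example.edu.  3600 IN A 203.0.113.10
"""
INTERNAL_VIEW = """\
www.example.edu.  3600 IN A 192.168.1.10
mail.example.edu. 3600 IN A 192.168.1.10
ns1.example.edu.  3600 IN A 203.0.113.10
"""

def is_rfc1918(addr):
    return any(addr in net for net in RFC1918)

def parse_a_records(text):
    """Return {name: [IPv4Address, ...]} for the A records in text."""
    records = {}
    for line in text.splitlines():
        fields = line.split()
        if line.lstrip().startswith(";") or len(fields) != 5 or fields[3].upper() != "A":
            continue  # skip blanks, comments and other record types
        name = fields[0].lower().rstrip(".")
        records.setdefault(name, []).append(ipaddress.ip_address(fields[4]))
    return records

def audit_views(external_text, internal_text):
    """List (view, name, address, problem) tuples for misplaced answers."""
    findings = []
    for name, addrs in sorted(parse_a_records(external_text).items()):
        findings += [("external", name, str(a), "private address published to the internet")
                     for a in addrs if is_rfc1918(a)]
    for name, addrs in sorted(parse_a_records(internal_text).items()):
        findings += [("internal", name, str(a), "LAN clients sent to the NAT'd external address")
                     for a in addrs if not is_rfc1918(a)]
    return findings

if __name__ == "__main__":
    for finding in audit_views(EXTERNAL_VIEW, INTERNAL_VIEW):
        print(*finding, sep="  ")
```
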