Internal NS
Joseph S D Yao
jsdy at cospo.osis.gov
Wed Mar 29 20:04:52 UTC 2000
On Thu, Feb 24, 2000 at 03:14:03PM -0800, Jared Johnson wrote:
> Pretty Typical Network Layout
>
> (Servers) DMZ
> | |
> (Clients) --- LAN --- FW --- Router --- ISP
...
> Our clients can't seem to query https sites ie
> (https://www.pcbanking.washingtonmutual.com/logon/)
> We can resolve the top levels (ie washingtonmutual.com) just fine. Other
> banking sites and investing sites do the same. This isn't a bad problem to
> me because I don't have to limit the access to these sites now, but would
> like to know what's causing this. At first I thought it was the FW but the
> log doesn't show any rejects during the query. They work just fine if I use
> my ISP's NS.
Are you sure that they can't resolve the name? Could it just be that
your firewall does not have an HTTPS proxy?
You never mention what name server the internal clients are using,
OBTW.
--
Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
More information about the bind-users
mailing list