Cisco PIX and “DNS Doctoring”
I have been searching long and hard for a solution that allows Server A and Server B, both of which are behind the same Cisco PIX and within the same private network, to communicate with each other using their public IP addresses. The firewall, in this case a Cisco PIX 515E, is configured with static routes that map public IP addresses to private IP addresses. Packets that originate from Server A and are destined for Server B’s public IP address appear to be dropped by the firewall. Richard Lee, a VoIP Sales Engineer from Covad Communications, was helpful enough to provide this link. A solution using the alias command allows Server A to access Server B using its canonical name and DNS. For obvious reasons, this solution is better than using public or private IP addresses for communication between hosts, as originally sought.