Table of Contents
Advertisement
Content Security Gateway User's Manual
4.1.10 Host Table
The Content Security Gateway's Administrator may use the Host Table function to make the Content Security
Gateway act as a DNS Server for the LAN and DMZ network. All DNS requests to a specific Domain Name
will be routed to the Content Security Gateway's IP address. For example, let's say an organization has their
mail server (i.e., mail.planet.com.tw) in the DMZ network (i.e. 192.168.10.10). The outside Internet world
may access the mail server of the organization easily by its domain name, providing that the Administrator has
set up Virtual Server or Mapped IP settings correctly. However, for the users in the LAN network, their WAN
DNS server will assign them a public IP address for the mail server. So for the LAN network to access the mail
server (mail.planet.com.tw), they would have to go out to the Internet, then come back through the Content
Security Gateway to access the mail server. Essentially, the LAN network is accessing the mail server by a
real public IP address, while the mail server serves their request by a NAT address and not a real one.
This odd situation occurs when there are servers in the DMZ network and they are bound to real IP addresses.
To avoid this, set up Host Table so all the LAN network computers will use the Content Security Gateway as a
DNS server, which acts as the DNS proxy.
If you want to use the Host Table function of the device, the end user's main DNS server IP address
should be the same IP Address as the device.
Click on System in the menu bar, then click on Host Table below the Configure menu. The Host Table
window will appear.
- 34 -
Advertisement
Table of Contents
