Topic: Internal access? (Read 989 times)

Gatorscott · « **on:** August 26, 2011, 08:15:35 AM »

I currently have multiple sites working from outside of our private network, publicly accessible from the internet. Its a "reverse proxy" design.

I now want to make those sites available internally as well. However, when I set the Netscaler's Mapped IP in my hosts file for the domains, I get nothing...

What else do I need to do to get this working from the inside without impacting the production outside access?

Thanks!

jmelika · « **Reply #1 on:** August 29, 2011, 10:25:47 PM »

This doesn't sound like a behavior the Netscaler would have by design. There must be a misconfiguration somewhere. If possible, create a new VIP that is identical in settings to the production VIP and test that. If the issue persists, then narrow it down by pointing it to a single backend server then monitor the logs while you make the request. You basically need to know if the Netscaler is dropping your request or the server.

Paul B · « **Reply #2 on:** October 14, 2011, 05:30:31 AM »

The MIP (or SNIP) address is used for traffic FROM netscaler to internal servers.... apart from management, there's is nothing you can connect to via the MIP.

Assuming you have a simple firewall with 3 interfaces (world, dmz, corporate), then you could set up some routing rules (rather than NAT rules) to allow access to the DMZ IPs used on Netscaler.... then set your internal DNS to point to those IPs.

I guess you COULD also setup your Firewall to NAT the same public IPs as set on the "world" interface onto the "corporate" interface.. that way the DNS would be the same as the public dns.

Netscaler Knowledgebase

News:

Author Topic: Internal access? (Read 989 times)

Gatorscott

Internal access?

jmelika

Re: Internal access?

Paul B

Re: Internal access?