Should I register a DNS name for the NAT IP address?

95 pts.
Tags:
DNS
Firewalls
IP address
NAT
I have setup our firewall to NAT the inside IPs to an external IP address. Is there a reason I should or should not register this NAT IP address to a DNS name?

Answer Wiki

Thanks. We'll let you know when a new response is added.

It depends on why you NAT’d the internal addresses? What services are you exposing to the public? What do you want the public to know about those hosts/addresses? You must have DNS entries to support SMTP for sure, but if you just want visitors to go to a webhost you have, then they can use the IP address but that is a lot more difficult to remember than a DNS name.

I guess part of the reason you have not gotten a response is that since you seem savvy enough to understand firewalls, NAT and mapping IP addresses to the public IP address space – then you should understand DNS and when and why you would want to create public DNS entries.

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • springman
    After a few days of post, it doesn't look like anyone has the answer for me. I am actually not expecting a yes or no answer. There is always Pro and Con, I know. How about..... Do you in your orgniation register the firewall NAT IP address with a FQDN?
    95 pointsBadges:
    report
  • springman
    Thanks for the reply. I have about 10+ public IP addresses forwarding various types of applications to the internal IPs. Yes, that's NAT as well. I think I didn't make my question clear. Except for those managed services, all other internal machine outbound traffic going out to Internet will have a NAT IP address assigned on the firewall. In Cisco ASA, the line is: global (outside) 1 xxx.xxx.xxx.xxx It works but I am just not sure if the best pratice is to register is NAT IP with a DNS name or not. Thanks for your response.
    95 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following