Hi,
We are getting cable modem connection for our business. Existing T1 will
still handle all email, vpn and web traffic for our internal web server.
Cable connection will offload some of our internal users traffic. It will
have dynamic ip, going through a router with NAT to ISA2004 box. Is there any
way to update our internal dns (active directory integrated, servicing
internal clients with DHCP also) with routers WAN address. So we could make
it secondary MX or vpn access?
--

Wlodek

It is a contradictory request. If you have an external IP, it is resolved by
external clients using an external DNS. So the address would need to be
updated in an external DNS. It is certainly theoretically possible if your
ISP supports it. However the new DNS record would need to propagate round
the world's DNS system, so in practice it would need to be a fixed address.
This is what fixed IP addresses are for,
Anthony



"Wlodek Czeczot" <WlodekCzeczot@discussions.microsoft.com> wrote in message
news:7B76DD64-C19B-4D5D-B993-9EB7D0E4EFB4@microsoft.com...
> Hi,
> We are getting cable modem connection for our business. Existing T1 will
> still handle all email, vpn and web traffic for our internal web server.
> Cable connection will offload some of our internal users traffic. It will
> have dynamic ip, going through a router with NAT to ISA2004 box. Is there
> any
> way to update our internal dns (active directory integrated, servicing
> internal clients with DHCP also) with routers WAN address. So we could
> make
> it secondary MX or vpn access?
> --
>
> Wlodek

I was unclear about our intentions. We want to host our DNS. T1 side is all
fixed ip's. Cable connection is dynamic. We want to grab this dynamic and put
it in as "fixed" in our dns.
--

Wlodek


"Anthony" wrote:

> It is a contradictory request. If you have an external IP, it is resolved by
> external clients using an external DNS. So the address would need to be
> updated in an external DNS. It is certainly theoretically possible if your
> ISP supports it. However the new DNS record would need to propagate round
> the world's DNS system, so in practice it would need to be a fixed address.
> This is what fixed IP addresses are for,
> Anthony
>
>
>
> "Wlodek Czeczot" <WlodekCzeczot@discussions.microsoft.com> wrote in message
> news:7B76DD64-C19B-4D5D-B993-9EB7D0E4EFB4@microsoft.com...
> > Hi,
> > We are getting cable modem connection for our business. Existing T1 will
> > still handle all email, vpn and web traffic for our internal web server.
> > Cable connection will offload some of our internal users traffic. It will
> > have dynamic ip, going through a router with NAT to ISA2004 box. Is there
> > any
> > way to update our internal dns (active directory integrated, servicing
> > internal clients with DHCP also) with routers WAN address. So we could
> > make
> > it secondary MX or vpn access?
> > --
> >
> > Wlodek
>
>
>

OK, so you want to publish it to your external DNS.
1) Technically, you would need to cable modem to register its address in the
DNS. You would need the DNS to accept Unsecure updates. Just conceivably you
could write a script that dumps the cable modem configuration, extracts the
external IP and writes it to the Unsecure DNS.
2) But it isn't going to work in practice, as you don't control how often
the IP address changes, and you can't have an MX or a VPN address changing
all the time.
3) It is a very bad thing altogether to do this with an AD integrated zone
on a DC. The internal DC and DNS zone should never be accessible from
outside.
4) This is what fixed IP addresses are for. You may want to look at this
another way. Ask your ISP if they can handle these inbound services, and see
what they say,
Anthony




"Wlodek Czeczot" <WlodekCzeczot@discussions.microsoft.com> wrote in message
news:190BA1E2-392A-425E-83DF-772E6FE34D3E@microsoft.com...
>I was unclear about our intentions. We want to host our DNS. T1 side is all
> fixed ip's. Cable connection is dynamic. We want to grab this dynamic and
> put
> it in as "fixed" in our dns.
> --
>
> Wlodek
>
>
> "Anthony" wrote:
>
>> It is a contradictory request. If you have an external IP, it is resolved
>> by
>> external clients using an external DNS. So the address would need to be
>> updated in an external DNS. It is certainly theoretically possible if
>> your
>> ISP supports it. However the new DNS record would need to propagate round
>> the world's DNS system, so in practice it would need to be a fixed
>> address.
>> This is what fixed IP addresses are for,
>> Anthony
>>
>>
>>
>> "Wlodek Czeczot" <WlodekCzeczot@discussions.microsoft.com> wrote in
>> message
>> news:7B76DD64-C19B-4D5D-B993-9EB7D0E4EFB4@microsoft.com...
>> > Hi,
>> > We are getting cable modem connection for our business. Existing T1
>> > will
>> > still handle all email, vpn and web traffic for our internal web
>> > server.
>> > Cable connection will offload some of our internal users traffic. It
>> > will
>> > have dynamic ip, going through a router with NAT to ISA2004 box. Is
>> > there
>> > any
>> > way to update our internal dns (active directory integrated, servicing
>> > internal clients with DHCP also) with routers WAN address. So we could
>> > make
>> > it secondary MX or vpn access?
>> > --
>> >
>> > Wlodek
>>
>>
>>

Hi
Agree with Anthony 100%, if you want to publish services to Internet make
sure that you have Fixed IPAddress, if you don't want to enter in a
nightmare

--
I hope that the information above s you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Anthony" <anthony.spam@spammedout.com> wrote in message
news:%235Vdf4dzGHA.3568@TK2MSFTNGP03.phx.gbl...
> OK, so you want to publish it to your external DNS.
> 1) Technically, you would need to cable modem to register its address in
> the DNS. You would need the DNS to accept Unsecure updates. Just
> conceivably you could write a script that dumps the cable modem
> configuration, extracts the external IP and writes it to the Unsecure DNS.
> 2) But it isn't going to work in practice, as you don't control how often
> the IP address changes, and you can't have an MX or a VPN address changing
> all the time.
> 3) It is a very bad thing altogether to do this with an AD integrated zone
> on a DC. The internal DC and DNS zone should never be accessible from
> outside.
> 4) This is what fixed IP addresses are for. You may want to look at this
> another way. Ask your ISP if they can handle these inbound services, and
> see what they say,
> Anthony
>
>
>
>
> "Wlodek Czeczot" <WlodekCzeczot@discussions.microsoft.com> wrote in
> message news:190BA1E2-392A-425E-83DF-772E6FE34D3E@microsoft.com...
>>I was unclear about our intentions. We want to host our DNS. T1 side is
>>all
>> fixed ip's. Cable connection is dynamic. We want to grab this dynamic and
>> put
>> it in as "fixed" in our dns.
>> --
>>
>> Wlodek
>>
>>
>> "Anthony" wrote:
>>
>>> It is a contradictory request. If you have an external IP, it is
>>> resolved by
>>> external clients using an external DNS. So the address would need to be
>>> updated in an external DNS. It is certainly theoretically possible if
>>> your
>>> ISP supports it. However the new DNS record would need to propagate
>>> round
>>> the world's DNS system, so in practice it would need to be a fixed
>>> address.
>>> This is what fixed IP addresses are for,
>>> Anthony
>>>
>>>
>>>
>>> "Wlodek Czeczot" <WlodekCzeczot@discussions.microsoft.com> wrote in
>>> message
>>> news:7B76DD64-C19B-4D5D-B993-9EB7D0E4EFB4@microsoft.com...
>>> > Hi,
>>> > We are getting cable modem connection for our business. Existing T1
>>> > will
>>> > still handle all email, vpn and web traffic for our internal web
>>> > server.
>>> > Cable connection will offload some of our internal users traffic. It
>>> > will
>>> > have dynamic ip, going through a router with NAT to ISA2004 box. Is
>>> > there
>>> > any
>>> > way to update our internal dns (active directory integrated, servicing
>>> > internal clients with DHCP also) with routers WAN address. So we could
>>> > make
>>> > it secondary MX or vpn access?
>>> > --
>>> >
>>> > Wlodek
>>>
>>>
>>>
>
>