Need help on setting up win2000 dns

[Yui]

Hi,
I am trying to setup an Win2000 DNS server in DMZ behind an Watchguard
Firebox X, the public DNS IP from the ISP is NAT'd from the firewall
to the DNS server, 60.x.x.x to 10.x.x.x. First I set it up with the
static IP from the ISP just to make sure my DNS configuration is fine,
with success. And then I set it up behind the firewall with the
internal private address, 10.x.x.x., however, I can not lookup the
server properly... Would it be possible to resolve this issue, or
should I replace it with Bind?
Please advise,

 

[Herb Martin]

Hi,
I am trying to setup an Win2000 DNS server in DMZ behind an Watchguard
Firebox X, the public DNS IP from the ISP is NAT'd from the firewall
to the DNS server, 60.x.x.x to 10.x.x.x.

Where is the 10.x.x.x machine? Or are those two NICs on
one machine?

First I set it up with the
static IP from the ISP just to make sure my DNS configuration is fine,
with success.

And then I set it up behind the firewall with the
internal private address, 10.x.x.x., however, I can not lookup the
server properly...

Which server?

Would it be possible to resolve this issue, or
should I replace it with Bind?

Huh?

Any problem (of misconfiguration) can be resolved and
Windows DNS is almost always superior for Windows
domains (over BIND.)

DNS
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) On the internal DNS servers set the ISP DNS server(s) as
the FORWARDER

Restart NetLogon on any DC if you change any of the above that
affects a DC.

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.