Resolving DNS when VPNing into corporate

At the moment we're stuck with the dreadful PPTP connection.

We've been using HOSTS file for over 4 yrs now. I'm tired of it and my first

task when I joined was installing a DNS server. It's been running fine but

the binding order isn't correct. Then again, the domain we use both servers our

internal and external use. When I VPN into corporate, I can't resolve our internal

servers. Our domain is registered through register.com (f'n hate them) and they also

serve our DNS info.

Silly question but I created an A record on register.com that points one of our internal server to 192.168.10.100 which points to the internal IP of the server. Please note, the server is not accessible from outside. Is it a good idea to do this? I dont want someone just pinging things randomly and seeing our internal IPs.

2 Replies

Nobody outside of your company will be able to reach your server by connecting to 192.168.10.100, because the IP range 192.168.0.0/16 is not publicly routable. If they're lucky, they'll reach some computer in their own office. Or the box in their living room, if they have their router set up in a particular way.

Still, I don't think it's a good idea to have private IPs in public DNS registries. It just doesn't make sense having that information hanging there for all to see.

@hybinet:

Nobody outside of your company will be able to reach your server by connecting to 192.168.10.100, because the IP range 192.168.0.0/16 is not publicly routable. If they're lucky, they'll reach some computer in their own office. Or the box in their living room, if they have their router set up in a particular way.

Still, I don't think it's a good idea to have private IPs in public DNS registries. It just doesn't make sense having that information hanging there for all to see.

Yes, I realize no one will be able to connect to our internal, but I'm referring to those using VPN. Once I connect to the VPN, their laptops uses their LAN's DNS to resolve the domains. I was able to "fix" this by creating A records on register.com and give them our internal IPs.

I agree, I dont want our internal IPs listed publicly.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct