Rerouting internal Requets to our external IP back towards the intern Target

MartinK Posts: 1
edited April 2021 in Security
Hi Folks
Is there a simple way (rule) to reroute internal clients which are accessing our web servers (intern) and using by accident the outer/external IP-Address.
We try to use internal DNS-resolution so that internal clients get a internal address for some services. However it still happens, that clients us external DNS-Sources and therefor try to access form inside our external IP-Addresses.

Any hints would be appreciated

Best regards, Martin

All Replies

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,366  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Welcome to Zyxel community.
    Currently USG does not support redirect DNS traffic function.
    But as your scenario, LAN side client still accessing internal server by WAN side IP via NAT rule.
    You can disable “NAT loopback” function in your NAT rule.

    After disabled NAT Loopback function, LAN side client is unable accessing to your server by WAN side IP anymore.
    But please inform your users, setup your internal DNS server IP on their PC avoids unable accessing to internal server.

Security Highlight