Tuesday, August 25, 2020

DNS behind firewall

I needed to set up a domain name with some CNAME records to get access to some services we have running in our office behind our firewall.

We have a Synology NAS, so I'm using the free domain from Synology we can get for DDNS. I'm then using a reverse proxy to route the traffic to the appropriate locations on the office network based on the URL subdomain.

However, for the DNS, I'm using the DNS service that is on our NAS, which is also our Active Directory and has the AD DNS zones associated with that as well.

Through the firewall I'm letting in all UDP/TCP traffic on port 53 and directing it to the NAS.

Is there an issue with letting in any web traffic on port 53 to get access to the DNS server for the purpose of solving the domain I set up, considering the AD stuff is also there?

Would I be better to use a cloud DNS?


