Hello, I have a Cisco 1821 router acting as remote access for VPN clients, LAN-to-LAN VPN device and also
LAN router. All in one.
My LAN has 192.168.23.0/24 addressing, and the router has 2 IP addresses, one public IP on the public interface Fa0/1
and 192.168.203.1 on the private interface Fa0/0.
I set it up as a name server for the local LAN:
ip dns server
ip host pc10 192.168.203.10
ip host pc83 192.168.203.83
ip host c1821 192.168.203.1
I did this so that local PCs on my LAN can have resolution for local addresses, since I do not have a DNS server inside my line
and I do not have an Active Directory infrastructure.
On the public IP interface my router can be queried for LOCAL IP resolution for my LAN 192.168.203.0/24; I tried from outside using the dig command.
I wanted to prevent this. I cannot use an ACL because I would prevent DNS queries from working in general, trying to resolve
an external IP address from inside my LAN. I just want the router to refuse DNS resolution for any query coming to the external interface,
while I want to allow only queries coming from my local LAN to the internal interface.
Is this possible in some way?
Thank you
Riccardo
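
An added example, not part of the original post: an inbound ACL on the public interface that matches only on destination port 53, so queries arriving from outside are dropped while replies to the router's own upstream lookups (source port 53, ephemeral destination port) still pass. The ACL name OUTSIDE-IN is hypothetical, and the sketch assumes no other inbound ACL is currently applied to Fa0/1 and that the router sends its upstream queries from an ephemeral source port.

```cisco
! Added example: ACL name OUTSIDE-IN is hypothetical.
ip access-list extended OUTSIDE-IN
 remark Drop DNS queries that arrive on the public interface
 deny   udp any any eq domain
 deny   tcp any any eq domain
 remark Replies to the router's own lookups have SOURCE port 53, not
 remark destination port 53, so they fall through to the permit below
 permit ip any any
!
interface FastEthernet0/1
 ip access-group OUTSIDE-IN in
!
! Fa0/0 (LAN side) gets no ACL here, so hosts on the inside can still
! query the router at 192.168.203.1.
```

Repeating the dig query from outside should then time out, and `show ip access-lists OUTSIDE-IN` shows the match counters on the two deny lines.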