I need to enable MRA on Expressway. On the Expressway-C Traversal zone configuration, the peer address is the Expressway-E FQDN. So do I need to create an A record for Expressway-E on the internal DNS to resolve the FQDN?
Also, is it required to add the internal DNS IP on Expressway-E, or is public DNS enough?
Yes, you need an A record on internal DNS; that will be based on the deployment. Are your internal domain and external domain the same? What kind of deployment, dual NIC or single NIC?
If your internal and external domains are different, you need to create a sub zone for the external domain and add an A record.
On internal DNS, create an A record for Expressway-E pointing to your internal NIC IP.
Expressway-C IP 192.168.1.10
Expressway-E internal IP 192.168.1.11
Expressway-E DMZ NIC 10.1.1.20, NATed to public IP.
Internal A record will resolve to 192.168.1.11.
For the Expressway-E dual NIC deployment, will the default gateway be external (DMZ NIC)?
Do I need to add a route to the internal network, with the internal NIC as gateway?
This is from my lab, which is working.
It depends on your topology. If you, like us, have the two interfaces on the E node connected to different DMZ networks, you'd need to have a route to the internal network. Whereas if you have the internal network interface on E and the C connected to the same network, as @Nithin Eluvathingal does, it's not required.
As @Roger Kallberg said, the routing depends on your setup. The one which I shared above has the E internal NIC and C on the same network.
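The routing question in this thread, as an added example that is not from any of the posters or from Cisco: a small Python model of route selection on a dual-NIC host, showing when traffic to Expressway-C leaves on the wrong interface unless a static route exists. The /24 prefix lengths, the NIC names `internal` and `dmz`, and the 172.16.1.11 address in the second topology are assumptions constructed for illustration.

```python
import ipaddress

def egress_nic(dest, nics, default_nic, static_routes=()):
    """Return (nic, reason) for the interface a packet to `dest` leaves on."""
    ip = ipaddress.ip_address(dest)
    # 1. A directly connected subnet always wins.
    for name, cidr in nics.items():
        if ip in ipaddress.ip_interface(cidr).network:
            return name, "connected"
    # 2. Otherwise the longest matching static route.
    hits = [(ipaddress.ip_network(prefix), nic) for prefix, nic in static_routes]
    hits = [(net, nic) for net, nic in hits if ip in net]
    if hits:
        return max(hits, key=lambda h: h[0].prefixlen)[1], "static"
    # 3. Otherwise the interface that holds the default gateway.
    return default_nic, "default"

def needs_static_route(expressway_c, nics, internal_nic, default_nic, static_routes=()):
    """True if traffic to Expressway-C would not leave via the internal NIC."""
    nic, _ = egress_nic(expressway_c, nics, default_nic, static_routes)
    return nic != internal_nic

EXPRESSWAY_C = "192.168.1.10"  # address quoted in the thread

# Lab from the thread: E internal NIC shares a network with C (/24 assumed).
SAME_NETWORK = {"internal": "192.168.1.11/24", "dmz": "10.1.1.20/24"}
# Constructed variant: both E interfaces sit in DMZ networks, C is elsewhere.
TWO_DMZ = {"internal": "172.16.1.11/24", "dmz": "10.1.1.20/24"}
# Static route that sends the internal network out of the internal NIC.
INTERNAL_ROUTE = [("192.168.1.0/24", "internal")]

if __name__ == "__main__":
    cases = [
        ("same network, no route", SAME_NETWORK, ()),
        ("two DMZs, no route", TWO_DMZ, ()),
        ("two DMZs, static route", TWO_DMZ, INTERNAL_ROUTE),
    ]
    for label, nics, routes in cases:
        # Default gateway is on the DMZ NIC in every case.
        print(label, "->", egress_nic(EXPRESSWAY_C, nics, "dmz", routes))
```

In the two-DMZ case without the static route, replies to Expressway-C follow the default gateway out of the DMZ NIC, which is the situation the static route to the internal network corrects.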