Re: NAT and DNS HELP
So what Dave is proposing is a DNS server on loopback. Success is 50/50 in my experience. It works great for a small DNS-FQDN footprint, but is not manageable in a large env or if DNS entries are constantly changing.
On hair-pin (totally different), you want to send internal users to the RFC 1918 address and not the external public one? So that would need a hair-pin rule to steer layer 3 service to the web server.
Another solution would be an inside DNS server that has forwarders; you can do that with a simple Windows DNS or ISC DNS server. Here you would forward all other requests not residing in the local domain or your public domain to the external DNS server.
mylocaldomain.local == authoritative
everybody else is forwarded to google_dns 22.214.171.124
That DNS-server option Dave displayed is actually the same concept, btw.
PCNSE, NSE, Forcepoint, StrongSwan Specialist
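
The inside-DNS-with-forwarders layout from the post above, written as an ISC BIND `named.conf`; this is an added example, not configuration posted in the thread. The ACL ranges, listen address, file paths, the `example.com` public zone and the `192.0.2.53` forwarder are placeholders to replace with your own values.

```conf
// Added example, not from the thread. All addresses, paths and
// example.com are placeholders (assumptions).

// Only internal RFC 1918 clients may use this resolver.
acl internal_clients {
    127.0.0.0/8;
    10.0.0.0/8;
    172.16.0.0/12;
    192.168.0.0/16;
};

options {
    directory "/var/named";                // assumed zone-file directory
    listen-on { 127.0.0.1; 10.0.0.53; };   // placeholder inside address

    // Recursion stays on for inside users only, so the server
    // cannot be used as an open resolver from outside.
    recursion yes;
    allow-query     { internal_clients; };
    allow-recursion { internal_clients; };
    allow-transfer  { none; };

    // Everything that is not a local zone goes to the external DNS server.
    forwarders { 192.0.2.53; };            // placeholder external resolver
    forward only;
};

// mylocaldomain.local == authoritative
zone "mylocaldomain.local" IN {
    type master;
    file "db.mylocaldomain.local";         // assumed file name
    allow-update { none; };
};

// Internal copy of the public domain: the records in this file hold
// the RFC 1918 address of the web server, so inside users resolve
// the inside address instead of the external public one.
zone "example.com" IN {
    type master;
    file "db.example.com.internal";        // assumed file name
    allow-update { none; };
};
```

Checking the file with `named-checkconf` before reloading catches syntax errors, and a query for a local name and an external name from an inside client confirms both paths.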