Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems

NAT on v6

Aug 02 04 6:26 am

I have two public DNS servers behind Wingate sending zone transfers to four other DNS servers on the internet. For now I have to use UDP/TCP mappings to allow external access to each of these two DNS servers and allow the external secondaries to get their zone transfers.
Now the problem: when the external secondary servers connect to get their zone transfers, my two servers are seeing the private address of the Wingate server instead of the public address of the external DNS servers. In order for the external DNS servers to get the zone transfers I have to allow zone transfers to the private address of the Wingate server. This is not a good thing because I am effectively allowing all my zones to allow zone transfers to the whole world.

I asked this about six months ago, and the answer was that the v6 will allow NAT to translate different external IPs to different internal IPs so I could go back to only allowing zone transfers to particular public DNS servers on the internet.

Now either I'm missing something or I'm not configuring something right, because I don't see any way to NAT different public addresses on port 53 to different servers behind NAT.

I have this option in Win2k NAT and I was using it but it was a real PITA to configure all the packet filters to protect my internal network from intruders. I like the firewall in Wingate because it makes all this easy, but it does not allow me to NAT from multiple public IPs to multiple private IPs.

I'm sorry for the length of this post, I wanted to make sure you understood my dilemma.

Aug 02 04 8:36 am

I found a workaround: I disabled NAT in Wingate, left the firewall on and enabled NAT in Win2k. It seems to be working OK.