IP/Name Resolution issue...

I just finally got our Cisco ASA 5505 and the remote office 871 routers all up and working and being used by all of my users. One problem I have now is that I had to add entries to the HOSTS file for our web and Mail servers (they live in the DMZ) to be able to hit them.

The Inside is 192.168.16.x, the DMZ is 192.168.18.x.

When I added it to the hosts file, I put in the DMZ address and it works fine. If I take it away it naturally resolves to the external address and fails.

I thought it was a FW rule problem, so I added rules to the DMZ and then tried the INSIDE section and still no dice.

How can I handle this? I have remote laptop users that are having to use batch files to change their hosts files depending on where they are. I know I should be able to fix this in the CONFIG.

TIA.

Tim

I think I have fixed part of my problem. I created a "dummy" zone file on our internal DNS server and put the 3 entries needed and resolution works fine internally now.

The problem of our VPN users now comes up. I am getting the following when I try to hit our web site connected to the VPN, using the same DNS servers.

3 Dec 03 2009 08:21:05 305005 192.168.18.3 No translation group found for tcp src outside:192.168.5.95/49227 dst dmz:192.168.18.3/80

192.168.5.x is the range for our VPN users. This morning I added an entry in the split tunnel list for the VPN config that allows traffic to the DMZ (192.168.18.x).

What else do I need to add? Thoughts?