Our configuration: NW 6sp5 DNS server, WAN with 10 remote sites on the private WAN, limited # of local hosts, BorderManager 3.8 sp3 HTTP proxy servers.

Problem: The domain name is the same both on the private LAN/WAN and externally. The only way to reach an external (public) host is to not use the local DNS server but to use the ISP's DNS server. This, however, creates problems in reaching some (but not all) locally defined hosts. The local DNS server is set up to forward to the ISP's DNS servers. Placing static host entries in the workstations' HOSTS file in most cases solves this problem, but is not ideal. Also, we are having inconsistent results using a Proxy.pac to determine whether to use the local BorderManager proxy server, a remote BorderManager proxy server or go direct to the Internet for browsing. We have also tried placing static entries in the BorderManager HOSTS file, with mixed results.

What is the best way to set this up? We need access to some local host machines (name resolution) as well as full public internet access with, in particular, access to a web site on the public internet with the same domain name as used behind the firewall. And is it feasible for 200-some-odd users spread out over 10 sites separated by 384KB WAN links to rely on a single DNS server? And are there any glitches/gotchas associated with using a Proxy.pac file? Thanks for any insight you can provide.