Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations MikeeOK on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DNs Question 1

Status
Not open for further replies.
Mighty

Mighty

Programmer
Feb 22, 2001
1,682
US
When users in our network attempt to access our company website, it always gives an error. The reason for this is that the URL address resolves to the IP address of our firewall and as that doesn't contain IIS it crashes.

However, external traffic is routed through the firewall to our webserver. Is it possible to add an entry to our DNS server which will automatically resolve internal requests for our URL to the internal IP address of our webserver.

Mighty
 
Sort by date Sort by votes
it sounds like the registered Internet domain is the same name as the Internal Windows 2003 domain. This really isn't ideal and will cause the problem you described.

To work around this, add a host record to your internal DNS server for the server.

For example, if you would connect to create an "A" record in your local DNS for this record the IP address of the internal IP

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
Our Internet domain and Internal Windows 2003 are not the same. Our internal domain is mycompany.local and our internet domain is mycompany.ie.

While we were running an NT domain typing in our company URL would just give you a "Page cannot be displayed" error as our URL was resolving to our firewall address. Now in our 2003 domain when you type in our company URL you get an IIS configuration screen which I presume is coming from our new domain controller. So how can I tell our DNS to route http requests for either of our company URL's to the internal IP of our webserver?

Mighty
 
Upvote 0 Downvote
add an alias to your DNS.

if your website is and you want to resolve this to go to webserver01.mycompany.local...

you go to the forward lookup zone for mycompany.local and you add an alias record.

er... not exactly...

your webserver is a member of which domain?

better still...
give us the internal IP of your webserver along with its internal and external URL...
that way i can give you correct info...
David

Aftertaf (david)
MCSA 2003
 
Upvote 0 Downvote
Oh...OK... this is good. You normally would have your internal domain name something different compared to your Registered Internet Domain Name.

So, if you want the web site of your DC to be available on the internet, you will have to all PORT 80 through your firewall.

Because the URL points to your Public IP address (the IP of your firewall), you can open PORT 80 (HTTP) and this will allow Internet users to view your web site.

Create a rule on your firewall to allow TCP port 80 inbound to your Internal IP address of your server.

-later

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
Hi David,

The external IP shouldn't really matter should it. The webserver is on our internal domain. It works fine if you try to access it from the internet but doesn't work if you type in our URL internally. So I basically want to route all internal requests for to webserver.mycompany.local. The internal IP address of the webserver is 195.10.20.12.

Mighty
 
Upvote 0 Downvote
Joseph,

The website is accessible from the outside world. It is only internally that we are having the problem. People have to type in the server name to access the site and can't use the URL.

Mighty
 
Upvote 0 Downvote
Can you get to other web sites on the internet? Like
To work around this problem, you can go into your local DNS and create a new forward lookup zone called "mycompany.ie".

Then create an "A" record for WWW

Point your internal IP address.



Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
Joseph,

Yes our internet access is fine. Every local user can browser the internet and both of our websites are accessible to the outside world. Could it just be a problem with our firewall that external http requests for our websites are routed to our webserver but internal ones are not??

Mighty
 
Upvote 0 Downvote
Yes there could be a problem with your firewall interpreting the requests to get to your internal web site....especially, when the request are coming from inside your network.

That why, I think you should create the new forward lookup zone and create the "a" records. This way all traffic will not go through the firewall to get to your internal web site (accessing these from inside your network)

To work around this problem, you can go into your local DNS and create a new forward lookup zone called "mycompany.ie".

Then create an "A" record for WWW

Point your internal IP address.

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
Hi Joseph,

I followed your instructions and set up a new forward looking zone and added an record with the internal IP address of our server. However, when I type in I get routed to the DNS server/domain controller - not the webserver???

Mighty
 
Upvote 0 Downvote
You need to modify the "A" record you created.

the internal IP address of the webserver (not the internal address of the DC)

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
Hi Joseph,

I know that. I setup the A record with the IP address of the webserver - not the DC. However, my http request is still going to IIS on the DC/DNS server???

Mighty
 
Upvote 0 Downvote
We have two domains - mycompany.ie and mycompany.com. I have now set up two new forward looking zones and added a record for both zones poining to the internal IP address of our webserver. However, when I try either domain IIS on the DNS/DC server is opened and not the webserver???

Mighty
 
Upvote 0 Downvote
Check your local TCP/IP properties of the workstation you are using. Check the DNS settings. Are you using your local DNS server for resolution?

You should see your internal DNS server's IP address listed (you should not see the ISP DNS server listed here) only your local DNS server should be listed.

Almost sounds like your not using your local DNS server for DNS resolution....

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
If you find that you are using your local DNs server, you should add an entry for DNS suffixes. Add the mycompany.ie DNS suffix to your workstation. Then try to connect to the web site.

If this solves your problem, you will have to add additional DNS suffixes to all of your workstations...


Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
(Ignore my last comment about DNS suffix, because your putting fully qualified domain name in the URL, you won't need the suffix)

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
Figured it out. My fault - had a local LMHOSTS file on my client PC which was mapped to the IP address of the mail server and this was causing the problem.

However, I may have another problem. Our Intranet sends out emails to users in our network but would use the full email address - e.g. user@mycompany.ie. If I set up a new zone and add the A record for the website, will I also have to add an MX record for the emails??

Mighty
 
Upvote 0 Downvote
I think it would be a good idea to create this MX record....as your Internal DNS server will always be resolving DNS requests for the mycompany.ie zone. (It will no longer forward requests to the internet for this zone)

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
1K
suncit
suncit
fredmartinmaine
  • Locked
  • Question
Domain Controller without DNS Server
Replies
4
Views
990
fredmartinmaine
fredmartinmaine
edgar28
  • Locked
  • Question
Question on Network cards - Windows Server 2019
Replies
1
Views
318
DrB0b
DrB0b
telecotek1
  • Locked
  • Question
strange DNS issue
Replies
1
Views
489
telecotek1
telecotek1
DrB0b
  • Locked
  • Question
HyperV Virtual Switch and Physical NIC question
Replies
3
Views
334
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top