Hi am having problems with my current DNS and would like some advice as I have started to doubt my self.
Both sites are connected 24/7 via a hardware VPN (Sonicwall and Juniper)
site 1 on 192.168.1.x network
site 2 on 192.168.3.x network
Site 2 is all servers and in a data center, no clients and no need for DHCP
All servers have a static IP address (some have numerous due to multiple websites)
IP address are binded to particular a website and the juniper firewall is configured to redirect traffic to the specific IP address
AD server and DNS server are in site 1
we host a number of websites (about 12) that are available both internally and externally
The current DNS is AD integrated (server 2008 r2) and replicates between both sites ( I dont know if I need this)
I believe that site 1 should have a manual forwarder entered and pointing to the internal IP in site 2 (rather than go via the internet)
I believe that site 2 should have a manual forwarder entered and pointing to the external IP in site 2 for the websites hosted.
We use certificates (we need to) on the web servers in site 2, hence we need to point to the external ip address so that it connects to a URL needed by the certificate.

Site 2 works, but if I change site 1 to internal ip addresses it fails and clients cant connect.
NSlookup works and I can ping them

any advice is appreciated and I am willing to start again and re think this if you can explain why.

Regards
Paul