• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 554
  • Last Modified:

DNS Lookup and Website

We have 3 websites that are on our webserver.  2 of the sites can be seen from inside the office, and all 3 can be seen outside the office.  1 of the sites cannot be seen internally.  We're not sure why this 1 site does not pull up inside the office, but can be seen outside.
0
RenitlahHelp
Asked:
RenitlahHelp
3 Solutions
 
Christopher McKayMicrosoft Network AdministratorCommented:
Hi RenitlahHelp,
What are the DNS settings for your website that isn't visible to your internal network?
Do they differ from the IP address you get when you "ping" the site from a computer outside of your network?
I would assume that this difficulty is due to an incorrect pointer for the internal network, or perhaps an entry into the workstation hosts file.

Hope this helps!

:o)

Bartender_1
0
 
RenitlahHelpAuthor Commented:
I will have to check these.  When I pull up the site in IIS, I see it 10.x.y.z IP address.  The other two sites that work outside and inside start with 10. as well.  When I ping the site that is not working from internally, it returns a good working response, but when I ping the www. address it fails and points to a different IP address starting with 65.x.y.z

Any thoughts?
0
 
stcyrynCommented:
It could be a bad pointer to the servername hosting the website like Bartender 1 said ... I believe that you need to have a www reference for the website in your dns servers internally.  It seems the link is pointing to the 65.x.y.z address and it needs to point to the 10.x.y.z address.  If you add an entry in your dns for this i would think it would fix it.  And if it does not you can easily delete the record added with no damage.  But when you type in http://www.<website> it will see the entry in the dns cache and point it there.  
0
 
RLGSCCommented:
RenitlahHelp,

Ok, if your DNS requests produce 10.x.y.z addresses, as the song goes, "Stop Right There". 10.x.y.z addresses are the "Class A" RFC 1918 (and earlier) specified private intranet addresses. They cannot be routed to from outside your intranet (or even, potentially, parts of your intranet). If they are giving the appearance of being reachable from outside, something is proxying for them at the entrance to your internal network.

If so, and two of the sites work (and the third does not), I would check the configuration on that gateway/router/firewall carefully. If the translation is not happening, then one of the configurations is quite possibly missing. The absence of response to PING is not relevant, since the firewall may be set to ignore ICMP requests.

Also check the delegation of the name servers by doing a WHOIS query at your registrar. You may not be checking the correct name server for the outside addresses of all the servers. It is actually quite common for the intranet nameserver to provide (on its own authority, not through delegation from the root of the DNS system) internal addresses for www servers and other assets that are reachable via the intranet. What matters is what the addresses are on the outside. It is also not uncommon, but less frequent, for the corresponding external addresses to be unreachable from inside the intranet (there is not generally a reason for this, but some routing rules have to be verified, and firewalls proxies configured, not to mention cabable of the feature).

I hope that the above is helpful.

- Bob (aka RLGSC)
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now