Solved

Why can't my internal network see the outside site we host

Posted on 2004-08-17
9
1,040 Views
Last Modified: 2010-04-11
So here is the problem.  I have this website www.v-pos.net that works great, people can see it from the outside, it’s simple but it works.  The problem that I have is that if I try going to www.v-pos.net from one of my machines I get a “The page cannot be found” error.  It works fine using localhost/v-pos/index.cfm.

I’m running IIS on windows 2003 and I’m guessing that the problem lies somewhere there in but I just can’t find the setting.  

Help would be appreciated.  
0
Comment
Question by:R_Hos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 36

Expert Comment

by:grblades
ID: 11824395
Hi R_Hos,
Can you bring up a DOS window and type "nslookup www.v-pos.net" and post here what you get back. Do you have a windows active directory domain which is also called v-pos.net?
Where is the website hosted?
0
 
LVL 6

Accepted Solution

by:
Technicon-SG earned 500 total points
ID: 11824618
If the Host you are trying to access in on the same subnet as the requesting machine you will have a problem.  Most ISPs do not allow traffic to "uturn"...this can confuse the router...This is usually true in Cable modem and DSL situations, when you have only one public IP address....if you have 2 public IP addresses, use the second to access the first and you should have no problem...

A work around for this is to bind the Domain to the Privite IP in the host file of the machines on your LAN.

In XP

open "c:\windows\system32\drivers\ect\host" in notepad (or whatever folder you have windows installed)

ADD the Line

X.X.X.X      v-pos.net  (Where X.X.X.X is the private IP address of the Host)
0
 
LVL 15

Expert Comment

by:adamdrayer
ID: 11825178
It's probably what Technicon said, but it's more than likely your firewall (if you have one) that is preventing this if you are using Network Address Translation (NAT).

Your DNS lookup of "www.v-pos.net" points to an external IP address.  you then send a request to that IP through your gateway.  It eventually gets to your firewall.  You're firewall/router will not translate from external IP address to internal IP address if the request is coming from the internal interface. For security reasons, the Firewall is usually very specific in what it allows.  It will only allow:

1. packets with external sourceIPs come in on the external interface, destined for domain's publicIP get passed from external interface to internal interface (and translated if nescesssary)

2. packets with internal sourceIPs come on on the internal interface, destined for external IP addresses get passed from interal interface to external interface (and translated if nescessary)

What you are in face asking for is:
packets with internal sourceIPs comin in on the internal interface, destined for domain's publicIP.  

This will not get translated and will just be plain ignored by the firewall.

the hosts file mentioned tecnicon gets around this.  So would a static entry in your internal DNS sever if you have one.  It should point www.v-pos.net to the internal IP address of that computer, as oppossed to the public IP address issued to you by your ISP
0
Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

 
LVL 5

Author Comment

by:R_Hos
ID: 11825662
when doing a nslookup i get the response non-existant domain.  i would imagine it is because i am using a dns server that hasnt been updated for it.  how do i setup a static entry in my internal DNS server that points www.v-pos.net to the internal IP address of the computer that it is on?
0
 
LVL 36

Expert Comment

by:grblades
ID: 11825699
Where is the webserver located?
Is it on your local network or hosted elsewhere on the internet?

What DNS server are you using?
0
 
LVL 5

Author Comment

by:R_Hos
ID: 11825723
its located on our local network and were running the dns that ships with server 2003
0
 

Expert Comment

by:eseyfried
ID: 11825735
all you need to do is add a Host (A) record in your forward lookup zone...have it point to the internal IP of webserver...this way ...

all inside webtraffic uses internal IP (Private), and external web traffic uses external IP(From ISP)
0
 
LVL 36

Expert Comment

by:grblades
ID: 11825767
Yes basically add www.v-pos.net to your local DNS with the internal IP address of the server. It should be fairly ovious how to add the entry using the admin tool that comes with 2003. I have only used 2003 very little myself so cannot say exactly where you have to go to add the entry.
0
 
LVL 15

Expert Comment

by:adamdrayer
ID: 11826062
Make sure that you create both a forward and reverse lookup record.  That error message you were getting for NSLOOKUP may be due to the fact that you need a reverse DNS entry.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question