Solved

Why can't my internal network see the outside site we host

Posted on 2004-08-17
9
1,036 Views
Last Modified: 2010-04-11
So here is the problem.  I have this website www.v-pos.net that works great, people can see it from the outside, it’s simple but it works.  The problem that I have is that if I try going to www.v-pos.net from one of my machines I get a “The page cannot be found” error.  It works fine using localhost/v-pos/index.cfm.

I’m running IIS on windows 2003 and I’m guessing that the problem lies somewhere there in but I just can’t find the setting.  

Help would be appreciated.  
0
Comment
Question by:R_Hos
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 36

Expert Comment

by:grblades
Comment Utility
Hi R_Hos,
Can you bring up a DOS window and type "nslookup www.v-pos.net" and post here what you get back. Do you have a windows active directory domain which is also called v-pos.net?
Where is the website hosted?
0
 
LVL 6

Accepted Solution

by:
Technicon-SG earned 500 total points
Comment Utility
If the Host you are trying to access in on the same subnet as the requesting machine you will have a problem.  Most ISPs do not allow traffic to "uturn"...this can confuse the router...This is usually true in Cable modem and DSL situations, when you have only one public IP address....if you have 2 public IP addresses, use the second to access the first and you should have no problem...

A work around for this is to bind the Domain to the Privite IP in the host file of the machines on your LAN.

In XP

open "c:\windows\system32\drivers\ect\host" in notepad (or whatever folder you have windows installed)

ADD the Line

X.X.X.X      v-pos.net  (Where X.X.X.X is the private IP address of the Host)
0
 
LVL 15

Expert Comment

by:adamdrayer
Comment Utility
It's probably what Technicon said, but it's more than likely your firewall (if you have one) that is preventing this if you are using Network Address Translation (NAT).

Your DNS lookup of "www.v-pos.net" points to an external IP address.  you then send a request to that IP through your gateway.  It eventually gets to your firewall.  You're firewall/router will not translate from external IP address to internal IP address if the request is coming from the internal interface. For security reasons, the Firewall is usually very specific in what it allows.  It will only allow:

1. packets with external sourceIPs come in on the external interface, destined for domain's publicIP get passed from external interface to internal interface (and translated if nescesssary)

2. packets with internal sourceIPs come on on the internal interface, destined for external IP addresses get passed from interal interface to external interface (and translated if nescessary)

What you are in face asking for is:
packets with internal sourceIPs comin in on the internal interface, destined for domain's publicIP.  

This will not get translated and will just be plain ignored by the firewall.

the hosts file mentioned tecnicon gets around this.  So would a static entry in your internal DNS sever if you have one.  It should point www.v-pos.net to the internal IP address of that computer, as oppossed to the public IP address issued to you by your ISP
0
 
LVL 5

Author Comment

by:R_Hos
Comment Utility
when doing a nslookup i get the response non-existant domain.  i would imagine it is because i am using a dns server that hasnt been updated for it.  how do i setup a static entry in my internal DNS server that points www.v-pos.net to the internal IP address of the computer that it is on?
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 36

Expert Comment

by:grblades
Comment Utility
Where is the webserver located?
Is it on your local network or hosted elsewhere on the internet?

What DNS server are you using?
0
 
LVL 5

Author Comment

by:R_Hos
Comment Utility
its located on our local network and were running the dns that ships with server 2003
0
 

Expert Comment

by:eseyfried
Comment Utility
all you need to do is add a Host (A) record in your forward lookup zone...have it point to the internal IP of webserver...this way ...

all inside webtraffic uses internal IP (Private), and external web traffic uses external IP(From ISP)
0
 
LVL 36

Expert Comment

by:grblades
Comment Utility
Yes basically add www.v-pos.net to your local DNS with the internal IP address of the server. It should be fairly ovious how to add the entry using the admin tool that comes with 2003. I have only used 2003 very little myself so cannot say exactly where you have to go to add the entry.
0
 
LVL 15

Expert Comment

by:adamdrayer
Comment Utility
Make sure that you create both a forward and reverse lookup record.  That error message you were getting for NSLOOKUP may be due to the fact that you need a reverse DNS entry.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Let’s list some of the technologies that enable smooth teleworking. 
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now