Solved

Internal/External DNS

Posted on 2004-09-08
Last Modified: 2010-06-30
I have a question about configuring DNS services on a Win2K server to allow the use of internal and external DNS resolution.  The goal is this:  Allow employees access to Exchange 2003 OWA using the same URL of webmail.company.info.
The problem:  When employees try to access webmail.company.info from the LAN it does not resolve.  They must use http://server/exchange to access the OWA.  However, from the outside (public internet) our external (hosted) DNS servers resolve webmail.company.info properly.  Is there a way I can have users on the LAN resolve to webmail.company.info?

I'm fairly new to configuring DNS services and have a host of other questions and issues such as AD replication issues that I will address under separate cover.
Question by:danielbourdeau
22 Comments
 
LVL 76

Expert Comment

by:David Lee
ID: 12008406
All you should need to do is create a new host record on your internal DNS server.  The host record points the url webmail.company.info to the IP address of the OWA server.
0
 

Author Comment

by:danielbourdeau
ID: 12008574
Thank you for the prompt reply.  I understand creating a host record on the internal DNS server to point to the IP of the webserver.  However, the web server name is not webmail.  On the externally hosted DNS I'm doing a URL stealth redirect.  How can I accomplish that internally?  The server name is really STMATT.  Would I create an alias of Webmail and point it to the STMATT IP address?  If so, that gets me to the root of the web server, not to the Exchange virtual directory.
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 12008616
You are using "SPLIT DNS", this means that the external domain name is the same as the internal domain name. Inside = microsoft.com Outside = microsoft.com. That means that everything done on the Outside DNS, must be done on the Inside DNS. Is this a correct statement?

J
0

 
LVL 76

Expert Comment

by:David Lee
ID: 12009006
Sorry, I'm not that deep into DNS and I don't know what a "stealth redirect" is.  How about this?

Canonical Name (CNAME) or Alias records
A Canonical Name (CNAME) or Alias record allows a DNS server to have multiple names for a single host. For example, an Alias record can have several records that point to a single server in your environment. This is a common approach if you have both your Web server and your mail server running on the same machine.

To create a DNS Alias:

Select DNS from the Administrative Tools folder to open the DNS console.
Expand the Forward Lookup Zone and highlight the folder representing your domain.
From the Action menu, select New Alias.
Enter your Alias Name (Figure K).
Enter the fully qualified domain name (FQDN).
Click OK.
0
 
LVL 76

Expert Comment

by:David Lee
ID: 12009036
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 12009478
A stealth redirect means that the DNS accepts the name and really redirects the browser somewhere else. So if the user types in www.microsoft.com, the DNS really points that to www.microsoft.com/exchange and the user and browser don't know. It is usually used by ISPs to point many domain names at a single server.

ex
www.myfriends.com --> www.myserver.com/friends
www.myparents.com --> www.myserver.com/parents


J
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12009506
BlueDevilFan was correct in the very first response. DNS is pretty easy, but people often needlessly complicate it... On your internal DNS server you need to point webmail.company.info to the IP address of your webmail server. It doesn't matter that the hostname isn't webmail, you just made it accessible via webmail.company.info when you made the DNS record (from inside your LAN), it is 100% irrelevant what the actual host name is.  Example: you could have made a DNS record pointing whocares.company.info to the IP address of the web mail server and then whoever typed in whocares.company.info from inside your LAN would get to your web mail.
0
 

Author Comment

by:danielbourdeau
ID: 12009518
jdeclue is exactly right in the description of what we're doing.  We have a split DNS.  So my question really comes down to, how do I do a stealth redirect of webmail.company.info to http://server/exchange?  Or, how do I use the external DNS to resolve and do the stealth redirect for me?  Externally works great using webmail.company.info while internally I have to use http://server/exchange.
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12009572
Is your webmail server internal or external?
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 12009583
You cannot do that with Microsoft DNS, you can do a redirect page on the IIS server, to automatically move them to the Exchange/Index.html when they connect, though. That is probably the safest thing to do.

J
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12009632
jdeclue is right on that
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 12009655
More to the point, you will need to use the Internal DNS, so Stealth DNS is not an option. Additionally, you should not change the IIS configuration on the OWA server to use Host Headers (this accomplishes stealth), that can mess up OWA. So, that leaves changing the default page to redirect them to the Exchange Server.

J
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 12009664
Thanks Mike!

Daniel: Let me know if you want the HTML to do the page with.

J
0
 

Author Comment

by:danielbourdeau
ID: 12009978
That would be excellent - I'd love the help with the HTML.  So, if I'm clear, I need to set up on the INTERNAL DNS server a host record called webmail that points to the IP of the Exchange server.  Then, using the HTML redirect you'll provide me I can set up a virtual website called webmail.company.info with the appropriate host header.  The 'home page' for the internal webmail.company.info will be the redirect page that will bump my clients internally to http://server/exchange.  Yes?

Let me just say now what a great forum this is.  I've enjoyed this, my first post, greatly as it's taught me a great many things.  Thank you to everyone who's taken the time to reply!  Thank you.
0
 
LVL 25

Assisted Solution

by:mikeleebrla
mikeleebrla earned 100 total points
ID: 12010022
The HTML is pretty simple:

<html>
<head>
<meta http-equiv="refresh" content="0; URL=http://mail.yourdomain.info/exchange">
</head>
</html>
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12010053
Hold on a minute, host headers are for something different altogether. Host headers are for hosting multiple domain names from one IP address, i.e.

www.domain.com on 172.25.90.1
www.otherdomain.com also points to 172.25.90.1

since both requests come into 172.25.90.1  a host header is used to tell IIS which web site the user is actually trying to access.
0
 
LVL 9

Accepted Solution

by:
jdeclue earned 150 total points
ID: 12010081
Kind of... You create a CNAME (Alias) record called webmail which points to the computer name of the real server. Then you rename the file "default.htm" in the c:\Inetpub\wwwroot folder to something else and paste the following into a text file and name it default.htm, then copy it into the wwwroot folder. You may need to change the server name in the URL statement if it is incorrect.

----------------HTML BELOW-----------------

<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
<head>
      <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
      <meta http-equiv="REFRESH" content="0; URL=http://webmail.company.info/exchange">
      <title>HTML REDIRECT</title>
</head>
<body>
</body>
</html>



0
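
A check for the redirect page described in the answers above, added here as an example that is not part of the original thread: it extracts the meta refresh target from a default.htm and confirms the host is a name the internal DNS zone actually answers for, since a redirect to a name that only the external DNS knows would fail from the LAN. The function names and the INTERNAL_NAMES set are assumptions; the two sample pages are constructed from the refresh lines posted in the thread.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


class MetaRefreshFinder(HTMLParser):
    """Collects the content attribute of every <meta http-equiv="refresh">."""

    def __init__(self):
        super().__init__()
        self.refreshes = []

    def handle_starttag(self, tag, attrs):
        attr = {name: (value or "") for name, value in attrs}
        if tag == "meta" and attr.get("http-equiv", "").lower() == "refresh":
            self.refreshes.append(attr.get("content", ""))


def audit_redirect_page(html, internal_names, expected_path="/exchange"):
    """Return a list of findings; an empty list means the page looks right."""
    finder = MetaRefreshFinder()
    finder.feed(html)
    if len(finder.refreshes) != 1:
        return [f"expected exactly one meta refresh, found {len(finder.refreshes)}"]
    delay, _, target = finder.refreshes[0].partition(";")
    target = target.strip()
    if target.lower().startswith("url="):
        target = target[4:].strip().strip("'\"")
    findings = []
    if not delay.strip().isdigit():
        findings.append(f"delay {delay!r} is not a whole number of seconds")
    parts = urlsplit(target)
    host = (parts.hostname or "").lower()
    if not host:
        findings.append(f"target {target!r} has no host name")
    elif host not in internal_names:
        findings.append(f"host {host} has no record in the internal zone")
    if parts.path.rstrip("/") != expected_path:
        findings.append(f"path {parts.path!r} is not {expected_path}")
    return findings


# Assumption: names that have A/CNAME records on the internal DNS server.
INTERNAL_NAMES = {"webmail.company.info", "stmatt"}

# Constructed inputs built from the refresh lines in the two answers.
ACCEPTED = '<html><head><meta http-equiv="REFRESH" content="0; URL=http://webmail.company.info/exchange"></head><body></body></html>'
PLACEHOLDER = '<html><head><meta http-equiv="refresh" content="0; URL=http://mail.yourdomain.info/exchange"></head></html>'

if __name__ == "__main__":
    for name, page in (("accepted", ACCEPTED), ("placeholder", PLACEHOLDER)):
        print(name, audit_redirect_page(page, INTERNAL_NAMES) or "ok")
```

The placeholder host from the shorter snippet is flagged because it was never added to the internal zone, which is the same failure the question started with.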
 
LVL 9

Expert Comment

by:jdeclue
ID: 12010095
Missed your post, Mike.

J
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 12010109
No problem, he who snoozes often loses.
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 12010175
What, is this a competition, speedo? :)
0
 

Author Comment

by:danielbourdeau
ID: 12015477
Thank you especially to jdeclue and mikeleebrla for your help.  Typing webmail.stmatthew.info internally now works thanks to both of you!  Thank you guys so much for taking the time to both help technically and to teach.  You guys rock!
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 12016042
Anytime Daniel, thanks for the kudos! Much appreciated, and thanks for the help Mike.

J
0
