Solved

DNS dose not resolve externally

Posted on 2004-10-05
6
212 Views
Last Modified: 2010-04-10
Hi. I have got a windows 2000 domain controllers and an ISA server acting as the internet gateway. I hve set all my domain clients DNS as the ISA server IP. The situation I am having is that Internet is working OK. But Outlook can not see the mail server to download emails. When I changed the DNS IP in one of the clients to the external ISP one. Outlook is ok. What could be the problem. Thanks
0
Comment
Question by:mostafa67
  • 2
6 Comments
 
LVL 7

Accepted Solution

by:
gnegrota earned 250 total points
ID: 12225333
In your case,ISA server must accting like a DNS "proxy", i.e. forwarding all requests to a DNS servers that can resolv the querry. In effect, a DNS service with only cache and 'forward' it's all that you need.
When ISA is acting like Proxy, this function are working for all requests, but is NOT a DNS service ! Firewalling function permit , with the proper settings, a transparent access to external DNSs. So :
1) Install a DNS service on ISA server and set just FW function (to some external DNSs)
or
2) Use internal DNS (if you have) to resolv addresses
or
3) Use for all clients internal and/or external DNSs.

C.U.
0
 
LVL 16

Expert Comment

by:samccarthy
ID: 12225633
On your domain, all your internal clients should be looking at your internal DNS servers for resolution first.  Your internal DNS servers can then point to the ISA server if their resolution fails.  In that way, you will get internal and external resolution as well as the benefits of caching on the ISA server.  As gnegrota said, you can also install DNS on the ISA server too.

Steve
0
 
LVL 25

Expert Comment

by:Fred Marshall
ID: 12231184
You can have more than one DNS server identified on a client.

So, add external DNS addresses on the clients.

It's simple, it's more robust in case of a failure, etc. etc.
0
 
LVL 16

Expert Comment

by:samccarthy
ID: 12233138
In a well designed network, if one Domain DNS server fails, the failover is another DNS server on the network.   By utilizing them, you get the advantages of the Caching that the servers do for addresses they look up.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now