cfetzer
asked on
Windows 2003 DNS issue
Hello Experts...
I am having problems with a client, that I think are DNS issues, but I'm green on DNS so I need a bit of help.
What we have going on is that we launched a new website, which resides on an internal web server. We can access the website from the outside just fine, but when we type in the URL internally, the site cannot be found.. Also, while the server can surf the Internet just fine, the workstations are having issues finding pages on the Internet.
So, in summary, the site: www.mysite.com, for example is fine if you access it externally, but when I type in "www.mysite.com" internally, we can't see it.
Anyone got any ideas on this one? We are using Win2k3 DNS server for all internal DNS requests.
Thanks!
Chad
I am having problems with a client, that I think are DNS issues, but I'm green on DNS so I need a bit of help.
What we have going on is that we launched a new website, which resides on an internal web server. We can access the website from the outside just fine, but when we type in the URL internally, the site cannot be found.. Also, while the server can surf the Internet just fine, the workstations are having issues finding pages on the Internet.
So, in summary, the site: www.mysite.com, for example is fine if you access it externally, but when I type in "www.mysite.com" internally, we can't see it.
Anyone got any ideas on this one? We are using Win2k3 DNS server for all internal DNS requests.
Thanks!
Chad
ASKER
Hello and thank you for the reply...
I added the Host record in the Forward Lookup Zone as you had recommended and it still doesn't work.
Oddly enough, when I ping www.mysite.com internally, it resoves the external IP address... if name resolution seems to be working, should I still be able to access the website anyway, regardless of if it resolves to the external or internal IP address?
Since the name is resolving to a valid IP address, could this be some sort of wacky firewall issue?
Thanks!
Chad
I added the Host record in the Forward Lookup Zone as you had recommended and it still doesn't work.
Oddly enough, when I ping www.mysite.com internally, it resoves the external IP address... if name resolution seems to be working, should I still be able to access the website anyway, regardless of if it resolves to the external or internal IP address?
Since the name is resolving to a valid IP address, could this be some sort of wacky firewall issue?
Thanks!
Chad
250 Points?
1. Is IP address of webserver I real IP address or is it NATed address ?
If this is a case you server would have diffrent address on internet than no your local network
1. Is IP address of webserver I real IP address or is it NATed address ?
If this is a case you server would have diffrent address on internet than no your local network
This caught my eye and I want to focus on that more so than the not hitting the site internally. But I will touch on it.......
<Also, while the server can surf the Internet just fine, the workstations are having issues finding pages on the Internet.>
Does all your workstations and servers point to same Default Gateway? Either a router or Firewall perhaps?
Does all your workstaitons and servers have the correct DNS servers identified in their network card as well?
Does all your workstations have the box checked in IE to bypass proxy for local addresses....if you are in fact running a proxy?
From a workstation that can not hit the website......can it be hit as http://ServerName, or http://ServerName/VirtualName ?
Your workstations and servers should ONLY use your internal DNS settings in their network properties. Then, in your internal DNS zone you need to add a "Forwarder" that is the IP of your ISP's DNS servers. This way all machines go to your local DNS first, and if it can't be found then forwarded on to your ISP's dns for name resolution.
<Also, while the server can surf the Internet just fine, the workstations are having issues finding pages on the Internet.>
Does all your workstations and servers point to same Default Gateway? Either a router or Firewall perhaps?
Does all your workstaitons and servers have the correct DNS servers identified in their network card as well?
Does all your workstations have the box checked in IE to bypass proxy for local addresses....if you are in fact running a proxy?
From a workstation that can not hit the website......can it be hit as http://ServerName, or http://ServerName/VirtualName ?
Your workstations and servers should ONLY use your internal DNS settings in their network properties. Then, in your internal DNS zone you need to add a "Forwarder" that is the IP of your ISP's DNS servers. This way all machines go to your local DNS first, and if it can't be found then forwarded on to your ISP's dns for name resolution.
By chance, Is your Windows domain name the same as the Internet domain name?
This is what I have done:
Add a host record for (for example) mysite.com, the IP address should be the internal IP of the web site
Add a cname record for www for the above host.
This is what I have done:
Add a host record for (for example) mysite.com, the IP address should be the internal IP of the web site
Add a cname record for www for the above host.
ASKER
Antknee869,
The internal domain is different from the domain the website is on.
Internally, the domain that all the servers and the workstations are on is (for example) abc.com. The website was recently registered externally to the "xyz.com" domain.
So, when I ping the website name internally, it resolves to the external IP address. For some reason, no matter what I do, I cannot get the website address to ping to the internal server address.
raising the point value to 450.
Thanks all for the tips,
Chad
The internal domain is different from the domain the website is on.
Internally, the domain that all the servers and the workstations are on is (for example) abc.com. The website was recently registered externally to the "xyz.com" domain.
So, when I ping the website name internally, it resolves to the external IP address. For some reason, no matter what I do, I cannot get the website address to ping to the internal server address.
raising the point value to 450.
Thanks all for the tips,
Chad
ASKER
So, when I look in the DNS manager, I see that I have two forward lookup zones..
abc.com
abc.local
Would I need to create a new forward lookup zone for xyz.com in order to create the proper host record to redirect traffic to the internal IP?
Chad
abc.com
abc.local
Would I need to create a new forward lookup zone for xyz.com in order to create the proper host record to redirect traffic to the internal IP?
Chad
Actually, if you have a .local domain your clients should be using that. Are you sure yuo aren't using the .local domain for your windows domain?
What happens if try to get to the website by using the server name of the web server in IE? For example http://webserver. How about using the internal IP address. For example http://ipaddress_of_web_server?
Who hosts the DNS for your external web site? Your ISP?
What happens if try to get to the website by using the server name of the web server in IE? For example http://webserver. How about using the internal IP address. For example http://ipaddress_of_web_server?
Who hosts the DNS for your external web site? Your ISP?
What do you want to ?
It can be made to accessed with the same inside and out side
or
you can use two diffrent names
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Netman66, that fixed the problem.
I created a new forward lookup zone for the .com... added a new "A" record and a new "CNAME"... it pings to the internal address and we can see the website internally!
Thanks everyone for your suggestions.
Chad
I created a new forward lookup zone for the .com... added a new "A" record and a new "CNAME"... it pings to the internal address and we can see the website internally!
Thanks everyone for your suggestions.
Chad
Excellent. Glad to have helped.
In your Forward Lookup Zone create a new HOST record called, "www". Give it the internal IP of your webserver.
This should work fine.