[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 268
  • Last Modified:

external URL not available internally

I have a network with win2003 server as the domain controller. There is a url that points to the server from outside the firewall which is one that tracks my dynamic ADSL ip address. There is no problem in accessing the a website on the server from outside using the URL, and internally using http://servername/website. When I try to access the website on the server using the external URL I get cannot find server. This has bugged me for a number of years. Is there some DNS setting or something that I can change on the server so that it recognises traffic to the external uRL as actually needing to go to itself?

Thanks for any help.
0
spanout
Asked:
spanout
  • 5
  • 4
1 Solution
 
lrmooreCommented:
That all depends on the router/firewall that you have. It has to do with the order of NAT processing. URL resolves to public IP address, your PC sends request to default gateway router/firewall. Router knows this IP is supposed to be forwarded to internal www host on private IP address. Some routers will actually forward the traffic, but then your PC receives an answer from the private IP which it was not expecting and drops the connection. Some routers/firewalls will simply drop the packets without trying to bounce them back inside to the server.

0
 
nprignanoCommented:
create an alias (CNAME record) to point www.yourcompany.com to servername  and you should be set.

if you have multiple sites, create a host record for www.yourcompany.com and point it to the web server's public IP.  either way, internal users will have access to the site the same as external users.

nprignano
0
 
spanoutAuthor Commented:
nprignano

Thanks for your prompt response...

I have tried to add a new CNAME record, but am a novice at this. I opened DNS on the domain server and added it as a forward lookup zone and although I do not get to the site I am looking for, I no longer receieve a cannot find server message.

0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
lrmooreCommented:
Alias, CNAME, DNS, none of it will help unless your internal DNS server will resolve that URL to the "real" private IP address and let the external public DNS servers resolve that URL to the Public IP address.
0
 
spanoutAuthor Commented:
lrmoore

I understand what you are saying... I need to tell the domainserver to reolve this address against this server and not pass to an external DNS server. I guess the bit I struggle with is how do I do that with win2003?
0
 
lrmooreCommented:
Since you have your own internal DNS server, you can simply create a new zone "yourcompany.com" and enter the private internal IP in the A record.
Done.
I will assume that your external DNS is hosted with your ISP or something so that any public user will resolve www.yourcompany.com to the public IP...
0
 
spanoutAuthor Commented:
lrmoore

Thanks. I have added a zone, and can see the site on the server by using the ext url, but a client computer still comes up as cannot find server??? Have waited for sometime just in case it takes time for these things to take effect, but still no joy.
0
 
lrmooreCommented:
From the client computer, try
C:\>nslookup www.yourcompany.com

Post results here.
0
 
spanoutAuthor Commented:
gives me the ip and name of the server as I would want it??? but the client still cannot browse to it in a web browser
0
 
lrmooreCommented:
Is the web browser setup to use a Proxy? If yes, does the proxy resolve to the correct IP?
If not, can you ping that IP address both by ip and by fqdn?
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now