Solved

DNS problems:  website within firewall/DNS outside/Inside/laptop/Wrong IP

Posted on 2006-07-13
8
220 Views
Last Modified: 2010-03-18
Hi All:

Ok, this is a somewhat complicated problem.

Let me start with the network set up:

1. IIS server
2. Firewall/router
3.  Internally hosted DNS server
4.  External ISP DNS server

The problem I am having is that people are automatically pulling DNS servers to use.  They are grabbing the external ISP DNS to resolve domain names.  We have a domain name within the firewall.  

Sometimes, users pull the external IP address (65.xxx.xxx.xxx) and are not able to resolve to the website.  Sometimes the users pull the internal IP address (10.1.1.23).  The domain name should be linked with the internal IP address when within the firewall.

I think the only solution to this is to force users within the network to pull the internal DNS server and block the external DNS server.   However, with lap tops this is an issue because often users are sometimes within the network, sometimes without.  With desktops, we force the DNS look up to the internal DNS and we have no problem, however with laptops I am at a loss how to solve.  Any ideas?

0
Comment
Question by:gnosticgnowledge
8 Comments
 
LVL 42

Expert Comment

by:zephyr_hex
ID: 17100984
you could edit the hosts file on the laptops so that the internal ip maps to your internal site.
0
 

Author Comment

by:gnosticgnowledge
ID: 17101712
Yes, that came to mind.  A little out of my league (I am a developer).  Any other possible solutions?
0
 
LVL 13

Expert Comment

by:prashsax
ID: 17101836
Why have you specified ISP DNS server IP address in Network configuration of Laptop users.

You should configure the laptops and desktop to use DHCP for IP and DNS configuration.

DHCP should always give them Internal DNS server IP address.

Then you can put forwarders on the internal DNS server, so that It can also resolve external IP address.

Now as for laptop users you go outside the network, and you are concerned that how will they resolve IP address from outside.

The answer to that is that when they are outside your network, there individual ISP will provide them the external DNS server IP address.

Suppose some will use DSL router to connect to internet, then their DSL router will assign IP address to their laptop.
Some would use dialup modem, so they will get there IP address and other config from there ISP.

So, always configure Internal DNS IP address.
0
 

Author Comment

by:gnosticgnowledge
ID: 17101911
Ah, ok.  So to solve this, the DHCP needs to be configured so the user that logs onto the network will only go to the internal DNS?
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 13

Expert Comment

by:prashsax
ID: 17101936
Yes. That right, for users machine and laptop only Internal DNS.

And, put forwarder on your Internal DNS server.

Specify ISP DNS IP address as forwarder on Internal DNS server.
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17101991
Agree with Prashsax. The way you configure it, it will be taken care.

Cheers,
Rajesh
0
 

Author Comment

by:gnosticgnowledge
ID: 17116243
I checked the DHCP.  It was the external DNS listed in the entries listed.  I am guessing this is wrong.  How do I remove these entries from the DHCP interface.  Thanks.
0
 
LVL 13

Accepted Solution

by:
prashsax earned 500 total points
ID: 17116789
Open the DHCP Admin Console.

Locate the DHCP Scope in left pane. It should show IP address as 10.1.1.x.

Expand it.
Now Click on Scope options.

You should be able to see DNS Servers in Right hand pane.
Double click it, and it will open a window.

Then remove the ISP DNS server from the list.
Add your internal DNS server.


0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

FIPS stands for the Federal Information Processing Standardisation and FIPS 140-2 is a collection of standards that are generically associated with hardware and software cryptography. In most cases, people can refer to this as the method of encrypti…
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now