Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

DNS problems:  website within firewall/DNS outside/Inside/laptop/Wrong IP

Posted on 2006-07-13
8
223 Views
Last Modified: 2010-03-18
Hi All:

Ok, this is a somewhat complicated problem.

Let me start with the network set up:

1. IIS server
2. Firewall/router
3.  Internally hosted DNS server
4.  External ISP DNS server

The problem I am having is that people are automatically pulling DNS servers to use.  They are grabbing the external ISP DNS to resolve domain names.  We have a domain name within the firewall.  

Sometimes, users pull the external IP address (65.xxx.xxx.xxx) and are not able to resolve to the website.  Sometimes the users pull the internal IP address (10.1.1.23).  The domain name should be linked with the internal IP address when within the firewall.

I think the only solution to this is to force users within the network to pull the internal DNS server and block the external DNS server.   However, with lap tops this is an issue because often users are sometimes within the network, sometimes without.  With desktops, we force the DNS look up to the internal DNS and we have no problem, however with laptops I am at a loss how to solve.  Any ideas?

0
Comment
Question by:gnosticgnowledge
8 Comments
 
LVL 43

Expert Comment

by:zephyr_hex (Megan)
ID: 17100984
you could edit the hosts file on the laptops so that the internal ip maps to your internal site.
0
 

Author Comment

by:gnosticgnowledge
ID: 17101712
Yes, that came to mind.  A little out of my league (I am a developer).  Any other possible solutions?
0
 
LVL 13

Expert Comment

by:prashsax
ID: 17101836
Why have you specified ISP DNS server IP address in Network configuration of Laptop users.

You should configure the laptops and desktop to use DHCP for IP and DNS configuration.

DHCP should always give them Internal DNS server IP address.

Then you can put forwarders on the internal DNS server, so that It can also resolve external IP address.

Now as for laptop users you go outside the network, and you are concerned that how will they resolve IP address from outside.

The answer to that is that when they are outside your network, there individual ISP will provide them the external DNS server IP address.

Suppose some will use DSL router to connect to internet, then their DSL router will assign IP address to their laptop.
Some would use dialup modem, so they will get there IP address and other config from there ISP.

So, always configure Internal DNS IP address.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:gnosticgnowledge
ID: 17101911
Ah, ok.  So to solve this, the DHCP needs to be configured so the user that logs onto the network will only go to the internal DNS?
0
 
LVL 13

Expert Comment

by:prashsax
ID: 17101936
Yes. That right, for users machine and laptop only Internal DNS.

And, put forwarder on your Internal DNS server.

Specify ISP DNS IP address as forwarder on Internal DNS server.
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17101991
Agree with Prashsax. The way you configure it, it will be taken care.

Cheers,
Rajesh
0
 

Author Comment

by:gnosticgnowledge
ID: 17116243
I checked the DHCP.  It was the external DNS listed in the entries listed.  I am guessing this is wrong.  How do I remove these entries from the DHCP interface.  Thanks.
0
 
LVL 13

Accepted Solution

by:
prashsax earned 500 total points
ID: 17116789
Open the DHCP Admin Console.

Locate the DHCP Scope in left pane. It should show IP address as 10.1.1.x.

Expand it.
Now Click on Scope options.

You should be able to see DNS Servers in Right hand pane.
Double click it, and it will open a window.

Then remove the ISP DNS server from the list.
Add your internal DNS server.


0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Have you ever set up your wireless router at home or in the office to find that you little pop-up bubble in the bottom right-hand corner of Windows read "IP Conflict - One of more computers on the network have been assigned the following IP address"…
This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question