Solved

What type of DNS record to add to make Server 2003 FTP work internally and externally.

Posted on 2006-11-09
7
488 Views
Last Modified: 2010-04-18
I'm trying to make a Server 2003 server running FileZilla FTP Server work on the cname mail.domain.com. mail.domain.com points to the company's WAN ip address. FTP works perfectly from outside the network, but not from inside. I tried adding a A record in the foward lookup zone for mail.domain.com to point to the local IP of the server, but then the external FTP stopped working. Help????
0
Comment
Question by:matrixcomputer
7 Comments
 
LVL 14

Expert Comment

by:inbarasan
ID: 17912343
How is the FTP published to external network. Have you done the NAT and opened the port. Are you having your own Public DNS server and you are hosting the domain from third party.

As for as i know by adding A record for FTP will not harm anything. You may also try to give different name to connect to the FTP server internally. That is another option. But if you give more details about how FTP is published , i can try and help you
0
 
LVL 5

Expert Comment

by:cjtraman
ID: 17913238
I suggest you to use two different hostnames for accessing your FTP server from both Internal & External. For External access, use mail.domain.com. For Internal access, create internalmail.domain.com.
Can you let me know how your DNS is setup? Howz ur network is structured?
0
 
LVL 2

Expert Comment

by:jspaziano
ID: 17913839
On your firewall.. are you pointing FTP traffic to the IP address of the server or the FQDN?

If you set up the firewall to forward FTP Traffic to the IP address of your FTP server.. then set up a forward lookup zone for domain.com with an A record for mail.domain.com things should work both internally and externally.
Unless your in-house DNS server is also the authoritative DNS server for domain.com .. in that situation i'd recommend that you run two DNS servers.. one to be authoritiative for lookups from the internet.. another for local lookups, since you'll never be able to have the same hostname pointed to both the external IP address for internet lookups and the internal address for local lookups.

Another option would be to set up the HOSTS file on your workstations to point mail.domain.com to the internal address of the server.
0
 
LVL 33

Accepted Solution

by:
NJComputerNetworks earned 250 total points
ID: 17914043
This is a common problem...

You must consider two things... your internal Windows domain name  (mycompany.local)   And you must consider the name of your Internet domain name...  (company.com)  

Some people make the mistake (in my opinion) of making these two domain names the same...  ouch... I don't like this setup, but it exists...and it is OK to do this... but, not the best idea...


Anyway, by default, the internal windows domain name, should be in your clients DNS suffix automatically.  This means, when a client tries to resolbe the name computer1, it will automatcially append the computer1.mycompany.local ....this way, it compiles the FQDN.

So, if you want to add your Webservers internal IP address for people connecting from the inside of your network, you will have to create a new forward lookup zone (company.com) on your internal DNS server..  This is because the user will probably use www.company.com to get to the web server and not www.mycompany.local url.

Any way, create a new forward lookup zone called company.com.  And then add the A record pointing to your internal IP address for the web server...

-late
0
 
LVL 33

Expert Comment

by:NJComputerNetworks
ID: 17914047
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now