?
Solved

dns entry for DMZ servers

Posted on 2006-11-20
6
Medium Priority
?
338 Views
Last Modified: 2010-04-10
we have two servers that reside in our dmz, this two servers have the dns ip address from our isp. inside our network we need to access those servers through port 80. all the servers have windows 2003 with latest updates. how can I add an entry on the domain dns server inside our network to get to those servers by entering the website on those server instead of entering the ip address on the addres bar in the browser.
the ip address on those servers are 192.168.2.240 and 192.168.2.241, the websites are access.elpcars.com and home.elpcars.com respectivelly.
any comments will be appreciated. thank you.
0
Comment
Question by:hherrera
  • 3
  • 3
6 Comments
 
LVL 39

Expert Comment

by:Hypercat (Deb)
ID: 17982764
If these two servers are in the same domain as your private network, you can add a DNS record for each host to the zone for your domain manually.  If they are on a separate domain, you will need to create a separate zone for them and then add the records there.

Hope this helps!

Deb
0
 

Author Comment

by:hherrera
ID: 17988018
can I add a record for the url: access.elpcars.com to point to a  specified ip address?
0
 
LVL 39

Expert Comment

by:Hypercat (Deb)
ID: 17988088
Yes - like I said, it all depends if they are on the same domain or not.  If your current DNS zone is for elpcars.com, then all you need to do is add a host record for the host name "access" and point it to the correct IP address.  If you've never added a DNS record manually, it's easy.  Open the DNS management console and point it to the primary DNS server (or any DNS server if you are running in AD-integrated mode).  Expand the view to open your forward lookup zone.  Click on the zone name folder, then right-click and select New Host (A).  Enter the host name and IP address in the fields provided.  This will enable you to get to those servers by name.

You could allow them to self-register, but you'd have to open some ports on your router between your private network and the DMZ, which you probably would not want to do.

Deb
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 

Author Comment

by:hherrera
ID: 17988284
thanks for the comments, it worked for servers that are on the same domain. but, the servers that im trying to resolve the name to ip address are not in the same domain. the servers that are working are in the domain max.local and two servers that are on the dmz have different domains two have elpcars.com and one has elptech.com when created the record for those servers, it was pointing to an external ip address that clients use to access the websites on those servers. I clear the dns cache but did the same thing. I dont know if the record I created was correct because it creaded subfolders. thanks for the comments.
0
 
LVL 39

Accepted Solution

by:
Hypercat (Deb) earned 320 total points
ID: 17988329
If the servers in your DMZ are on different domains, there are a couple of ways to resolve this.  If these IP addresses are public and are hosted by your ISP's DNS servers, you could simply set forwarders for these two domains to point to those external DNS servers.  If the IP addresses you want to point to are private,  you would have to create separate zones on your DNS server(s) for the two other domains, and then add manual records to those zones.  Is this what you did?  

Deb
0
 

Author Comment

by:hherrera
ID: 17988716
PERFECT!!!!!!!!!!!!
that is what I wanted. thank you very much
0

Featured Post

What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

589 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question