Solved

dns entry for DMZ servers

Posted on 2006-11-20
6
285 Views
Last Modified: 2010-04-10
we have two servers that reside in our dmz, this two servers have the dns ip address from our isp. inside our network we need to access those servers through port 80. all the servers have windows 2003 with latest updates. how can I add an entry on the domain dns server inside our network to get to those servers by entering the website on those server instead of entering the ip address on the addres bar in the browser.
the ip address on those servers are 192.168.2.240 and 192.168.2.241, the websites are access.elpcars.com and home.elpcars.com respectivelly.
any comments will be appreciated. thank you.
0
Comment
Question by:hherrera
  • 3
  • 3
6 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 17982764
If these two servers are in the same domain as your private network, you can add a DNS record for each host to the zone for your domain manually.  If they are on a separate domain, you will need to create a separate zone for them and then add the records there.

Hope this helps!

Deb
0
 

Author Comment

by:hherrera
ID: 17988018
can I add a record for the url: access.elpcars.com to point to a  specified ip address?
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 17988088
Yes - like I said, it all depends if they are on the same domain or not.  If your current DNS zone is for elpcars.com, then all you need to do is add a host record for the host name "access" and point it to the correct IP address.  If you've never added a DNS record manually, it's easy.  Open the DNS management console and point it to the primary DNS server (or any DNS server if you are running in AD-integrated mode).  Expand the view to open your forward lookup zone.  Click on the zone name folder, then right-click and select New Host (A).  Enter the host name and IP address in the fields provided.  This will enable you to get to those servers by name.

You could allow them to self-register, but you'd have to open some ports on your router between your private network and the DMZ, which you probably would not want to do.

Deb
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:hherrera
ID: 17988284
thanks for the comments, it worked for servers that are on the same domain. but, the servers that im trying to resolve the name to ip address are not in the same domain. the servers that are working are in the domain max.local and two servers that are on the dmz have different domains two have elpcars.com and one has elptech.com when created the record for those servers, it was pointing to an external ip address that clients use to access the websites on those servers. I clear the dns cache but did the same thing. I dont know if the record I created was correct because it creaded subfolders. thanks for the comments.
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 80 total points
ID: 17988329
If the servers in your DMZ are on different domains, there are a couple of ways to resolve this.  If these IP addresses are public and are hosted by your ISP's DNS servers, you could simply set forwarders for these two domains to point to those external DNS servers.  If the IP addresses you want to point to are private,  you would have to create separate zones on your DNS server(s) for the two other domains, and then add manual records to those zones.  Is this what you did?  

Deb
0
 

Author Comment

by:hherrera
ID: 17988716
PERFECT!!!!!!!!!!!!
that is what I wanted. thank you very much
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now