Local DNS resolving

Hi,

I have a domain setup and a mail server.  

The problem I have is this.

If a user outside goes to  mail.company.com, it will resolve the external IP and work.
If a user is inside, it tries to resolve the OUTSIDE address.
There is a PIX firewall, and my understanding is, it won't let you go OUTSIDE and come back in.

So basically, I need to put in my DNS server that mail.company.com will resolve to 192.168.1.5 ...
I have tried everything, either it doesn't work, or it cuts out access to all .com addresses.

Thanks.

Shawnspi Asked:
 
Rob Williams Commented:
Sorry Shawnspi, I don't have an answer for you. This should be fairly straightforward, but I am not a wizard with DNS. It's quiet here on the weekend, but I am sure someone else will be along. In the meantime the following may be of some help:
http://www.amset.info/netadmin/split-dns.asp
Or see comments by raymond 3/4 way down the following page:
http://www.hmailserver.com/forum/viewtopic.php?=&p=43568
0
 
Rob Williams Commented:
You should be able to add a CNAME record to your server's DNS configuration for the internal IP and the mail.company.com DNS name. This will allow it to resolve locally, assuming you can connect locally.
0
 
Shawnspi (Author) Commented:
C:\Documents and Settings\Administrator>ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Documents and Settings\Administrator>nslookup employees.lstechllc.com
Server:  localhost
Address:  127.0.0.1

Name:    employees.lstechllc.com.LSTECHLLC-HQ
Address:  192.168.1.5


C:\Documents and Settings\Administrator>ping employees.lstechllc.com

Pinging employees.lstechllc.com [70.183.5.248] with 32 bytes of data:

Request timed out.

Ping statistics for 70.183.5.248:
    Packets: Sent = 1, Received = 0, Lost = 1 (100% loss),
Control-C
^C
C:\Documents and Settings\Administrator>^X
0
 
Rob Williams Commented:
Just tried here and worked from the same server but not the clients. Not sure why though.
0
 
Shawnspi (Author) Commented:
So, what do I do?

I guess the biggest issue is with laptops.... in the office they need to go to 192.x.x.x and out of the office they need to go to 70.x.x.x

please help
0
 
Shawnspi (Author) Commented:
I appreciate it.  It "should" be easy, and I swear I have done it before.  Stupid win2k3 !!!

0
 
reb_elmagnifico Commented:
Could you explain your DNS infrastructure a bit?  Assuming that you have 2 DNS servers, your public DNS server should host an A record with your public IP address (70.183.5.248).  Your internal DNS server should host an A record with your internal IP address (192.168.1.5).

When a laptop is on your internal LAN his IP settings should be pointing to your internal DNS server, therefore resolving the 192.168.1.5 address.  When the same laptop is elsewhere he will be pointing to your public DNS server when trying to resolve your domain name.

Hope this helps.  Let me know if your situation doesn't allow for my suggestion.

REB
0
 
Shawnspi (Author) Commented:
Hey,

I was able to get it.  RobWill, your links helped me out, so I will award you the points.  Thanks!
0
 
Rob Williams Commented:
Thanks Shawnspi. Glad to hear you were able to "resolve".
Cheers !
--Rob
0
 
Shawnspi (Author) Commented:
Hey..

My resolution was .. since my outside domain name was different from my inside ... I had to add the outside name of mydomain.com into DNS ..

If I can bug you for a second .. I do have this issue now ..
When internal, EVERYTHING looks at the internal DNS first ...
So I had to add www.mydomain.com to it, and add the EXTERNAL IP... The issue with this is, if it changes..
how do I make it look at the "real world" if it isn't in that list?

Thanks
0
 
Rob Williams Commented:
We were on the right track earlier, and I had it working on my system, only I ran into multiple other issues doing so in that manner, so I decided not to dig a deeper hole for myself. I don't know. I read a series of articles on everything from adding another zone to using split DNS and I didn't find the ultimate answer. Funny, similar questions come up all the time on this message board and often the answer is similar to what I started with, but the details never seem to be provided. I thought it was as simple as a local CNAME. I have been watching a similar question waiting to see the answer but nothing yet. Those folks seem to be "skirting around details".

I'll see if I can get a "DNS guy" to have a look at this for you. If he does have a look and explain, please ask the moderators to re-open the question and award to him. I don't like to see incorrect, or lesser answers show as the accepted solution.
Hang tight <G>
--Rob
0
 
Jay_Jay70 Commented:
Hello all :)

What you need to do is to create a zone within DNS for your external domain name. E.g., my domain name is james.local; I need to add a james.com to my DNS server and host the www and mail records etc. for the external domain name.

This is common especially if hosting your own sites or using webmail....

you are correct that the pix is blocking you coming back in and you are stuck with manually changing these records when the IP addresses change....
0
 
Rob Williams Commented:
Shawnspi, good advice from the master, Jay_Jay70. Have you had a chance to give it a try?
Thanks James !
--Rob
0
 
Shawnspi (Author) Commented:
I had done that before he posted that because that is what your link said to do.  What I was trying to do.. was not have to put in external URLs...
0
 
Jay_Jay70 Commented:
Sorry mate, you cannot get around manually updating those records :)

Master! Lol, now Chris Dent is the DNS guru!
0
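
Added example (not part of any participant's post): once the internal DNS server hosts its own copy of the external zone, as described in the thread, it answers for every name in that zone itself, so hand-copied public addresses can go stale and names that were never copied stop resolving inside. The sketch below audits an internal copy against public answers; the record sets are constructed sample data, the public addresses are documentation-range placeholders, and the function names are hypothetical.

```python
import ipaddress

# RFC 1918 ranges: an internal record pointing here is a deliberate override.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample data: the internal copy of the external zone ...
INTERNAL_ZONE = {
    "mail.mydomain.com": "192.168.1.5",    # override to the LAN mail server
    "www.mydomain.com": "203.0.113.10",    # public address copied by hand
    "vpn.mydomain.com": "203.0.113.40",
}
# ... and what public DNS currently answers for the same zone.
PUBLIC_ANSWERS = {
    "mail.mydomain.com": "203.0.113.20",
    "www.mydomain.com": "203.0.113.99",    # address changed since it was copied
    "vpn.mydomain.com": "203.0.113.40",
    "ftp.mydomain.com": "203.0.113.30",    # never copied into the internal zone
}

def is_lan_address(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)

def audit_split_zone(internal, public):
    """Classify each name by how the internal copy of the zone treats it."""
    report = {}
    for name in sorted(set(internal) | set(public)):
        inside, outside = internal.get(name), public.get(name)
        if inside is None:
            # The internal server is authoritative for the zone, so it returns
            # "no such name" itself instead of forwarding the query outside.
            report[name] = "missing-internally"
        elif is_lan_address(inside):
            report[name] = "internal-override"
        elif outside is None:
            report[name] = "not-in-public-dns"
        elif inside != outside:
            report[name] = "stale"
        else:
            report[name] = "in-sync"
    return report

def needs_attention(internal, public):
    """Names whose internal record must be added or corrected by hand."""
    bad = {"missing-internally", "stale", "not-in-public-dns"}
    return [n for n, s in audit_split_zone(internal, public).items() if s in bad]

if __name__ == "__main__":
    for name, status in audit_split_zone(INTERNAL_ZONE, PUBLIC_ANSWERS).items():
        print(f"{name:22} {status}")
```

In practice the two dictionaries would be filled from a zone export and from queries sent to an outside resolver; the classification logic stays the same.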
Question has a verified solution.
