Solved

urgent forward lookup zone

Posted on 2007-11-18
11
410 Views
Last Modified: 2010-04-07
i have set up a windows server with exchange on it.  all my dns is hosted by at&t.  my internal .local and my public is .org i only have one forward lookup zone in dns with forwarders to my isp.  so my question is do i need to add another primary forward lookup zone for my .org address since .local is not a valid domain on the internet

thanks
0
Comment
Question by:amoos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
11 Comments
 
LVL 6

Expert Comment

by:zane_o
ID: 20308922
This depends on a couple of factors.  If you are trying to connect to sites hosted locally and you need your .org addresses to resolve to your internal private IP addresses, then you should add the .org domain to your internal DNS.  For example, if your website www.yourorg.org is hosted on a server behind your firewall, and you need to access it using the internal IP address, the easiest way to do this is by having the zone in your DNS.
If you are not using the .org internally at all, with the exception of receiving e-mail to that domain, there is no need to add the second zone.
0
 

Author Comment

by:amoos
ID: 20308934
ok i use exchange for email.  so since i have a .local do i have to have a separate zone for .org for email????  exchange is on the same server as 2003 R2??
0
 

Author Comment

by:amoos
ID: 20308952
our website is hosted by someone else so i do not have to worry about that.  the only thing we use internally is the exchange.  so do i have to create another forward lookup zone for the email and addd the email record in that zone???  even though all the m records from my isp are forwarded to my internal ip from the firewall???  i am confused

please help
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 6

Expert Comment

by:zane_o
ID: 20308986
You do not need to add a zone for to receive e-mail destined to the .org domain.  Make sure you have added the .org domain in the recipient policy inside Exchange and that there is a public MX record so that other mail servers on the Internet know how to send messages to your domain.
You should not have to do anything DNS related on your internal network to receive e-mail.  You do not need to created a zone internally or have an MX record internally.
0
 

Author Comment

by:amoos
ID: 20309007
great so can you tell me what i have to do on the recipient policy in exchange to do this???all the mail and records provided to me by my isp are forwarded from my firewall to my server internally.  
0
 
LVL 6

Expert Comment

by:zane_o
ID: 20309010
Exchange 2003 or 2007?
0
 

Author Comment

by:amoos
ID: 20309017
exchange 2003
0
 
LVL 6

Expert Comment

by:zane_o
ID: 20309034
From the Exchange System Manager, look under Recipients/Recipient Policies.  In the default Policy Properties, Click the E-mail Addresses tab.  Add your domain that you want to receive e-mail for and set it as the primary.
0
 

Author Comment

by:amoos
ID: 20309062
i have already done that. but that is exactly what i did.  so is that all i had to do??  the policies are set right in exchange.  so is there anything else i have to do???  all the ip's are forwarded from the firewall to the internal exchange server ip.  do i need to make the smtp banner the same as the mx record.

for example at&t has 12.xxx.xxx.xxx
mail.mydomain.org

my smtp banner is myserver.mydomain.org

do they need to be the same???
0
 
LVL 6

Accepted Solution

by:
zane_o earned 500 total points
ID: 20309089
The SMTP banner does not have to be the same as the MX record name.  I posted in the other question that I can't connect on port 25 (SMTP) to the IP 12.189.231.183.  Is this the IP address of your server?  If so, you need to get port 25 responding.
0
 

Author Comment

by:amoos
ID: 20309113
no that is not the ip of my server that is the ip that was given to me from at&t.  the ip i have for my exchange is 192.68.10.3 which is behind a watchguard firewall???  if there is something wrong please tell me what to fix??
0

Featured Post

Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question