Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

urgent forward lookup zone

Posted on 2007-11-18
11
408 Views
Last Modified: 2010-04-07
i have set up a windows server with exchange on it.  all my dns is hosted by at&t.  my internal .local and my public is .org i only have one forward lookup zone in dns with forwarders to my isp.  so my question is do i need to add another primary forward lookup zone for my .org address since .local is not a valid domain on the internet

thanks
0
Comment
Question by:amoos
  • 6
  • 5
11 Comments
 
LVL 6

Expert Comment

by:zane_o
ID: 20308922
This depends on a couple of factors.  If you are trying to connect to sites hosted locally and you need your .org addresses to resolve to your internal private IP addresses, then you should add the .org domain to your internal DNS.  For example, if your website www.yourorg.org is hosted on a server behind your firewall, and you need to access it using the internal IP address, the easiest way to do this is by having the zone in your DNS.
If you are not using the .org internally at all, with the exception of receiving e-mail to that domain, there is no need to add the second zone.
0
 

Author Comment

by:amoos
ID: 20308934
ok i use exchange for email.  so since i have a .local do i have to have a separate zone for .org for email????  exchange is on the same server as 2003 R2??
0
 

Author Comment

by:amoos
ID: 20308952
our website is hosted by someone else so i do not have to worry about that.  the only thing we use internally is the exchange.  so do i have to create another forward lookup zone for the email and addd the email record in that zone???  even though all the m records from my isp are forwarded to my internal ip from the firewall???  i am confused

please help
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 6

Expert Comment

by:zane_o
ID: 20308986
You do not need to add a zone for to receive e-mail destined to the .org domain.  Make sure you have added the .org domain in the recipient policy inside Exchange and that there is a public MX record so that other mail servers on the Internet know how to send messages to your domain.
You should not have to do anything DNS related on your internal network to receive e-mail.  You do not need to created a zone internally or have an MX record internally.
0
 

Author Comment

by:amoos
ID: 20309007
great so can you tell me what i have to do on the recipient policy in exchange to do this???all the mail and records provided to me by my isp are forwarded from my firewall to my server internally.  
0
 
LVL 6

Expert Comment

by:zane_o
ID: 20309010
Exchange 2003 or 2007?
0
 

Author Comment

by:amoos
ID: 20309017
exchange 2003
0
 
LVL 6

Expert Comment

by:zane_o
ID: 20309034
From the Exchange System Manager, look under Recipients/Recipient Policies.  In the default Policy Properties, Click the E-mail Addresses tab.  Add your domain that you want to receive e-mail for and set it as the primary.
0
 

Author Comment

by:amoos
ID: 20309062
i have already done that. but that is exactly what i did.  so is that all i had to do??  the policies are set right in exchange.  so is there anything else i have to do???  all the ip's are forwarded from the firewall to the internal exchange server ip.  do i need to make the smtp banner the same as the mx record.

for example at&t has 12.xxx.xxx.xxx
mail.mydomain.org

my smtp banner is myserver.mydomain.org

do they need to be the same???
0
 
LVL 6

Accepted Solution

by:
zane_o earned 500 total points
ID: 20309089
The SMTP banner does not have to be the same as the MX record name.  I posted in the other question that I can't connect on port 25 (SMTP) to the IP 12.189.231.183.  Is this the IP address of your server?  If so, you need to get port 25 responding.
0
 

Author Comment

by:amoos
ID: 20309113
no that is not the ip of my server that is the ip that was given to me from at&t.  the ip i have for my exchange is 192.68.10.3 which is behind a watchguard firewall???  if there is something wrong please tell me what to fix??
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Big Problem with Redirected Folder 8 59
Domain Controller FSMO 7 66
DNS Server Service Missing on Domain Controller Server 2012 R2 19 55
DNS entry for intranet 1 19
Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question