• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2795
  • Last Modified:

Cannot access website from Internal Network - DNS Issue?

Hi all

We currently have the following setup:

2 Domains companya.com and companyb.com, each with externally hosted websites.

companya.com works perfectly however companyb.com is a newly acquired domain and has been added to our internal DNS. In the forward lookup zone for this DNS entry we have 'A' records for mail and www (pointing to external IP address of website - IP is definately correct)

mail.companyb.com works perfectly and other prefixes; its only the www that wont seem to work. In IE you get back a HTTP 403 forbidden page

Any ideas? Hoping you can help
0
Bladey001
Asked:
Bladey001
1 Solution
 
stesomCommented:
Go to the command prompt and do an nslookup on the www domain, does it return the correct IP?
0
 
ggoossensCommented:
Could be a problem in IE itself... run a sfc /scannow and click OK. When the scan is complete, reboot and see if that helped (more info: http://support.microsoft.com/kb/318378)
0
 
Bladey001Author Commented:
the nslookup comes back with the correct ip

I doubt its a problem with IE as the problem is on everybodys machine (700+ machines) and on the servers
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
Sci-Fi-SiCommented:
When you say correct IP is that a LAN or WAN IP? Also, can you get to you website using :
http://companya.com? If you can but can't access it through http://www.companya.com then it's a missing host headder in IIS.

Can you ping www.comapnya.com? If not then you are missing a DNS record of www for that zone.

All the best
Sci-Fi Si
0
 
Sci-Fi-SiCommented:
Sorry, you did say.

>companya.com works perfectly however companyb.com is a newly acquired domain and has been >added to our internal DNS. In the forward lookup zone for this DNS entry we have 'A' records for >mail and www (pointing to external IP address of website - IP is definately correct)

>mail.companyb.com works perfectly and other prefixes; its only the www that wont seem to >work. In IE you get back a HTTP 403 forbidden page

The 403 error is common when there is no default document, or the default document has not been set correctly and directory browsing has been disabled (which is correct)

From your nslookup and pings it looks as though your DNS is set correctly and in getting a 403 error this would suggest that your request is getting through to the correct machine.

My suspicions are:
1. Double check your default document in IIS
2. Check your host headders in IIS and make sure there is a www.companya.com entry there.

Sci-Fi Si

0
 
Bladey001Author Commented:
The website is externally hosted and managed by a third party so i dont even know if they use IIS. But if you try and access the website from an external source you get to the website perfectly fine (using www.companyb.com)

Only doesn't work when trying from internal network

0
 
Sci-Fi-SiCommented:
Okey Dokey,

Looks like a bogus DNS entry.

>added to our internal DNS. In the forward lookup zone for this DNS entry we have 'A' records for

This could do it. Can I ask if your website is being externally hosted, surely you would want the DNS host name to be resolved externally from your network not internally.

I would remove the www.companyb.com entry from your internal DNS server (and for that matter all companyb.com records) and let it be resolved by your ISP's DNS servers.

Once the entry has been deleted, just do an ipconfig /flushdns and try again. Should work fine.

0
 
Bladey001Author Commented:
If we remove the zone the website works fine but we can't remove the entire zone because it contains records such as mail.companyb.com as well as other intranet websites which work fine

If i remove just the www record and flushdns it still doesn't work.

Perhaps is there any possible way to make this one record look outside to the ISP DNS rather than lookup internally?
0
 
Bladey001Author Commented:
I've tried pointing the www record at the bbc website and it still wont go anywhere
0
 
Sci-Fi-SiCommented:
I've just tried that myself with one of my domain records and it works just fine. Looks as though we're narrowing down the problem.

Adding a www A record pointing to the IP of bbc.co.uk or google.com etc... should work.

As a check you could add somthing like eeek.companya.com and point it to 209.85.171.99 which should bring up google.com. This test will check if you're getting a bogus DNS for the www record or not.

If you get the same problem then I would say your DNS is fine and it's a routing issue.
0
 
Bladey001Author Commented:
Ive added the following A Record to companyb forward lookup zone

eeek    Host (A)    209.85.171.99

And this works i.e. goes straight to the google website.
So its just the www record which doesn't work

Now i've just changed the www record on the companya zone to the one we're trying to get to and it works fine. So it only doesn't work for the www record on companyb.
0
 
Sci-Fi-SiCommented:
Okey Dokey,

Now we're getting somewhere, I just love the process of elimination...
There must be a record for www.companyb.com somewhere, it could be in the HOSTS file which kicks in before DNS so it might be worth having a look, a flushdns on your client machines and server would be worth a go.

One other thing, what DNS servers do you have listed for your clients network config?

>If i remove just the www record and flushdns it still doesn't work.

If you ping www.companyb.com do you get the same reply as just a ping to companyb.com?

All the best
Sci-Fi Si


0
 
Bladey001Author Commented:
Our HOSTS file is empty and i've tried flushing the DNS

All the clients use our 2 Domain controllers as DNS servers

From Internal if i ping www.companyb.com WITHOUT the A Record i get no response from ping
From Internal if i ping www.companyb.com WITH the A Record i do get a ping response
0
 
Sci-Fi-SiCommented:
Hi, been away for a day.

The Forbidden 403 suggests that this responce is coming from your IIS server. It looks as though it thinks it is hosting this website, but not being set up correctly (an there's no reason why it should be as you're not hosting the companyb.com website internally)

I still suspect this error is coming from IIS on your server. It is a little difficult to assist further as with all DNS issues not knowing the domain name limits what checks I can make to help you further.

0
 
Bladey001Author Commented:
Thanks for all the help it was indeed an incorrect DNS entry
0
 
slam8llcCommented:
Was this issue ever resolved?  
0

Featured Post

Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now