We use NAT on our network. We have an application that needs to be accessed both inside and outside the network using https://app.domain.com. When inside the network, going to https://app.domain.com needs to direct the user to the internal IP (let's say 18.104.22.168), and outside the network, going to the same https://app.domain.com needs to direct the user to the external IP (let's say 22.214.171.124).
We run Active Directory and therefore 2003 Server DNS (for the internal network only), so I created a new Forward Lookup Zone in DNS and then an A record which points app.domain.com to 126.96.36.199. Now, internally, if any user goes to any FQDN at domain.com (except app.domain.com), they can't reach it because the 2003 Server DNS does not have a record for it.
The app.domain.com is the ONLY FQDN that I need to do this "split resolution" on. All other domain.com FQDN requests in the network should be forwarded to the internet.
What's the best way to do this? I'm looking for simple. Thanks, experts.
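The behaviour described in the question, modelled as an added example (not code from the post or from Windows DNS): a tiny resolver that picks the most specific zone it is authoritative for, answers from that zone or returns NXDOMAIN, and only forwards names it holds no zone for. The zone layouts, the public answers and the hostnames other than app.domain.com are constructed; the second zone layout (a zone covering only the one FQDN) goes beyond what the post shows.

```python
# Added example: model of how an authoritative DNS server with forwarding
# decides what to do with a query. Data below is constructed for illustration.

# Stand-in for what the internet's DNS would answer (constructed values).
PUBLIC_DNS = {
    "app.domain.com": "22.214.171.124",   # external IP from the question
    "www.domain.com": "203.0.113.10",
    "mail.domain.com": "203.0.113.25",
}


def find_zone(zones, name):
    """Return the longest zone name that contains `name`, or None."""
    labels = name.split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None


def resolve(zones, name):
    """Answer like an AD DNS server: an authoritative zone always wins.

    If a zone covers the name, the answer comes only from that zone; a missing
    record yields NXDOMAIN and nothing is forwarded. Names outside every zone
    are forwarded to the internet.
    """
    name = name.lower().rstrip(".")
    zone = find_zone(zones, name)
    if zone is None:
        return PUBLIC_DNS.get(name, "NXDOMAIN")   # forwarded upstream
    return zones[zone].get(name, "NXDOMAIN")      # authoritative answer


# Layout from the question: a Forward Lookup Zone for all of domain.com that
# holds a single A record. Every other domain.com name is now shadowed.
BROKEN_ZONES = {"domain.com": {"app.domain.com": "18.104.22.168"}}

# Generalisation not shown in the post: a zone named after the one FQDN, whose
# apex record is the internal IP, so the server is authoritative for nothing
# else under domain.com and keeps forwarding the rest.
SCOPED_ZONES = {"app.domain.com": {"app.domain.com": "18.104.22.168"}}

if __name__ == "__main__":
    for zones in (BROKEN_ZONES, SCOPED_ZONES):
        for host in ("app.domain.com", "www.domain.com"):
            print(list(zones), host, "->", resolve(zones, host))
```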