[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

DNS Question with hosting site internally

Posted on 2009-02-24
10
Medium Priority
?
616 Views
Last Modified: 2013-11-16
We have built a site on a Windows 2003 server (IIS) that needs to be accessed from both inside and outside our network.  Here are the *sample* details

Domain Registration is through 1and1.com
Domain Name: citypayroll.com forwards to https://www.citypayroll.com/payroll
Sub-Domain Name: www.citypayroll.com has an A record of 72.5.6.1
Outside IP addres of our Cisco ASA: 72.5.6.1 (translates to internal DNS 10.0.0.23)


Internal Windows 2003 DNS setup sample
Created Forward lookup zone of citypayroll.com
Created an alias (CNAME) record and pointed it to https://citypayroll.com/payroll



From outside the network, we can browse to citypayroll.com and everything forwards properly.  However, internally, we recieve no ping responses and it doesn't even get to an IIS page.  I think there are two issues we are dealing with...  One, our citypayroll.com doesn't have an internal A record associated with it.  That is be cause we don't associate one with it on 1and1...we simply create the A record for the www subdomain.  The second issue is that this page is not the default website in IIS.  There may be a way to do some sort of forwarding in our Cisco ASA as well.

Happy troubleshooting
0
Comment
Question by:cityoflafayette
  • 5
  • 3
  • 2
10 Comments
 
LVL 10

Expert Comment

by:Sorenson
ID: 23726157
so the IIS server resides inside of the ASA currently?  As well as the workstations and the DNS server?
If so, create a forward lookup zone within the internal dns of www.citypayroll.com  (full name, www.citypayroll.com) and place the A record for that domain to be the internal IP address of the IIS server that hosts the site.

Doing so, will keep lookups for other *.citypayroll.com sites going to the proper 1and1 lookup.  And redirects attempts to access www.citypayroll.com to the internal address.

There is a way with the ASA to redirect and rewrite the DNS search, but I have not had a lot of success with it.
0
 

Author Comment

by:cityoflafayette
ID: 23726259
Yes, the IIS server as well as all PCs resides on the network inside the ASA.  

The DNS zones change would work however we would still need to accomplish the /payroll portion.  When we create those zones, it simply gets to the IIS Server but not the actual subdirectory page of /payroll.
0
 
LVL 10

Expert Comment

by:Sorenson
ID: 23726349
That would be a function of the IIS server, not the firewall.
If I understand correctly, you want anyone that tries to goto http://www.citypayroll.com to be redirected to https://citypayroll.com/payroll ?  both internal and external?

If so copy the following out to a text file, save as index.html in the root of the IIS website. (backup the current one, etc).
-----------------snip-------------------
<html>
<head>
<meta http-equiv="REFRESH" content="0; URL=https://citypayroll.com/payroll"> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>CityPayroll Redirect</title> </head>

<body link="#0000A6" vlink="#0000A6" alink="#0000A6"> <center> <FONT COLOR=#0000A6> <H4>

If you aren't automatically redirected, click <a href="https://citypayroll.com/payroll">here</a>.

</H4>
</FONT>
</center>
</body>
</html>

------------snip-----------------

0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:cityoflafayette
ID: 23726500
Sort of...
I want anyone that types in citypayroll.com (not http://www.) to be redirected to https://www.citypayroll.com/payroll both internal and external
0
 

Author Comment

by:cityoflafayette
ID: 23726509
also, we will be hosting other sites on this server, so I want to make sure the default site doesn't always redirect
0
 
LVL 10

Expert Comment

by:Sorenson
ID: 23726560
configure IIS to use host headers: http://support.microsoft.com/kb/190008
create site for citypayroll.com
set default.htm or index.htm (whatever is specified in the site) to use a modified version of the script above (change the URL and href tags to be what you want).


in internal dns setup zone for citypayroll.com and point A record for zone to internal server.  (note: when doing it for the real domain-zone, you will need to add any other records (ie: mail or ftp, www, etc within that zone as A records pointing to the appropriate internal or external addresses).  Within your network your dns server will be authoratative for citypayroll.com outside, the external dns server will be.

does that help?
0
 
LVL 3

Expert Comment

by:stlbridge
ID: 23729458
Firstly, don't get too tangled up with the DNS pointers, names, and things.

Remove anything that you have set to point to your citypayroll.com

In DNS, under forward lookup zone, right click Create a new Zone

Call the zone citypayroll.com and give it the local IP address that your IIS has setup.

Just for fun, open CMD and type:

ipconfig /flushdns

This is what I did to get my webmail to work internally.

0
 

Accepted Solution

by:
cityoflafayette earned 0 total points
ID: 23745321
we ended up writing our own script
0
 
LVL 3

Expert Comment

by:stlbridge
ID: 23745369
Could you post the script so others who have the same problem can benefit?
0
 

Author Comment

by:cityoflafayette
ID: 23745389
yes however due to real name servers etc, we will need to modify it.  It will be a little while
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A publishing tool, a Version Control System, or a Collaboration Platform! These can be some of the defining words for the two very famous web-hosting Git repositories: Bitbucket and Github. Git is widely used amongst the programmers and developers f…
Lync server 2013 or Skype for business Backup Service Error ID 4049 – After File Share Migration
This video teaches viewers how to create their own website using cPanel and Wordpress. Tutorial walks users through how to set up their own domain name from tools like Domain Registrar, Hosting Account, and Wordpress. More specifically, the order in…
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to selectively show certain fields based on user input using rules to gather relevant information and data from your forms. The rules feature provides you with an opportunity…
Suggested Courses

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question