Solved

DNS zone forwarding win svr 2003

Posted on 2009-04-03
Last Modified: 2012-06-27
I need to find a way somehow for just 1 site.

It's mitelxxxx.com.

But I have a machine where, when ANYone internally at my office needs to connect to ya.mitelxxxx.com, I need it to forward to an internal IP instead of an external one.

So, like, ya.mitelxxxx.com to get to 192.168.14.2 instead of using the public DNS server to resolve it to a 64.xx.xx.224 address.

I've tried creating a new zone, but I'm really lost on how to do it. I tried to find steps, but no one really tries what I'm trying...

Thanks

0
Question by:ritztech
9 Comments
 
LVL 12

Expert Comment

by:NetAdmin2436
ID: 24064252
0
 

Author Comment

by:ritztech
ID: 24064452
Now, does it mean just for the standard mitelxxxx.com, or can I do it for ya.mitelxxxx.com and a different internal address for tw.mitelxxxx.com?


Thanks ; )
0
 
LVL 5

Expert Comment

by:mrmarkfury
ID: 24064912
I'm pretty sure you can get granular with conditional forwarders:
ya.mitelxxxx.com -> 1.1.1.1
tw.mitelxxxx.com -> 2.2.2.2
0

 
LVL 6

Expert Comment

by:bdesmond
ID: 24072238
Correct, you can granularly configure conditional forwarders in that manner; however, this is fundamentally not the solution to the OP's question (as I understand it anyway).

I would create a Primary Zone in DNS called mitelxxxx.com, and then create two A records, one called ya and one called tw and specify the IPs you want.

Thanks,
Brian Desmond
Active Directory MVP
0
 

Author Comment

by:ritztech
ID: 24072806
If I do it that way it says something about reverse zone... Thanks
0
 
LVL 6

Expert Comment

by:bdesmond
ID: 24072807
OK so what is the message? Paste it here...

Thanks,
Brian Desmond
Active Directory MVP
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24075966

Probably says that it failed to create / update the PTR record in the Reverse Lookup Zone. The box is "probably" ticked when creating the records (it remembers the last state of the box) through the GUI. If that is the case it can be ignored.

If you still need to allow access to everythingelse.mitelxxx.com then you may need to change things slightly. But if what you have now is working then it can stay.

Chris
0
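An added example, not part of the thread and not Microsoft DNS code: a simplified Python model of how a DNS server chooses between a zone it hosts and its forwarders, comparing the single mitelxxxx.com zone suggested above with one small zone per overridden host name (one possible way to "change things slightly"). The tw address, the www record and all function names are constructed for illustration.

```python
def pick_zone(qname, zones):
    """Return the most specific hosted zone that contains qname, or None."""
    labels = qname.split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def resolve(qname, zones, forward):
    """Hosted (authoritative) data wins; only names outside every hosted
    zone are handed to the forwarder."""
    qname = qname.lower().rstrip(".")
    zone = pick_zone(qname, zones)
    if zone is None:
        return ("forwarded", forward(qname))
    address = zones[zone].get(qname)
    if address is None:
        # The server owns the zone, so a missing name is a final "no such
        # host": the query is never sent on to the public DNS.
        return ("NXDOMAIN", None)
    return ("authoritative", address)

# Constructed public view, standing in for what the forwarder would return.
PUBLIC = {"ya.mitelxxxx.com": "64.xx.xx.224",
          "www.mitelxxxx.com": "203.0.113.10"}

# Layout 1: one primary zone for the whole domain with two A records.
WHOLE_ZONE = {"mitelxxxx.com": {"ya.mitelxxxx.com": "192.168.14.2",
                                "tw.mitelxxxx.com": "192.168.14.3"}}

# Layout 2: one zone per overridden name, each with a single A record.
PER_HOST = {"ya.mitelxxxx.com": {"ya.mitelxxxx.com": "192.168.14.2"},
            "tw.mitelxxxx.com": {"tw.mitelxxxx.com": "192.168.14.3"}}

if __name__ == "__main__":
    for label, zones in (("whole zone", WHOLE_ZONE), ("per host", PER_HOST)):
        for name in ("ya.mitelxxxx.com", "www.mitelxxxx.com"):
            print(label, name, resolve(name, zones, PUBLIC.get))
```

With the whole-domain zone, every public name that is not copied into the internal zone stops resolving for internal clients; the per-host layout overrides only the listed names.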
 

Author Comment

by:ritztech
ID: 24099216
Well, the odd thing is it was working for a little bit, then just died. So I changed my DNS server, because it had 192.168.11.1 (my server) as the primary and 204.xx.xx.xx as the secondary. When I just allowed my primary and not the secondary, it wouldn't even let me get out on the internet, so I think there is something wrong with my DNS server. The DHCP on it hands out 2 DNS servers:

Primary       192.168.11.1
Secondary  204.xx.xx.xx

So I'm thinking it can't connect to the first one, so it goes to the secondary.


Thanks; )
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 24105343

Is this an Active Directory domain? If it is you should really only have your clients (and servers) use DNS servers that can answer for the Active Directory domain name. If you don't you are likely to run into authentication issues and general problems finding the domain.

If that is the case, and 11.1 is your server then we need to fix it. A few things spring to mind immediately:

1. In the DNS Console, Server Properties, Check Forwarders. If you're forwarding to servers that no longer respond then 11.1 will not be able to resolve public names.

2. Check your Firewall. If your DNS server cannot resolve public names it's possible that this is due to firewall rules preventing it gaining external access. At least outbound UDP Port 53 needs to be open. Ideally TCP Port 53 should also be open (used when a response overflows the UDP limit).

3. If it's not using Forwarders, and the Firewall allows everything, check the Root Hints tab. To resolve public names it should contain entries for a.root-servers.net to m.root-servers.net (13 of them in all).

Chris
0
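An added example, not part of the accepted answer: a Python probe for the checks listed above that sends one recursive query to a chosen server (the internal DNS server or one of its forwarders) over UDP port 53, retries over TCP port 53 when the reply has the truncation (TC) bit set, and reports which stage failed. The function names, the test name www.example.com and the two sample replies are constructed for illustration.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid=0x1234):
    """Encode a recursive (RD=1) query for the A record of `name`."""
    header = struct.pack("!6H", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!2H", 1, 1)  # QTYPE=A, QCLASS=IN

def classify(reply):
    """Turn a raw DNS reply into (rcode, truncated, answer_count)."""
    _qid, flags, _qd, ancount = struct.unpack("!4H", reply[:8])
    rcode = RCODES.get(flags & 0x000F, "RCODE%d" % (flags & 0x000F))
    return rcode, bool(flags & 0x0200), ancount

def probe(server, name, timeout=3.0):
    """Ask `server` for `name` over UDP/53, retrying over TCP/53 if TC is set."""
    query = build_query(name)
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as udp:
            udp.settimeout(timeout)
            udp.sendto(query, (server, 53))
            reply = udp.recvfrom(4096)[0]
    except OSError:
        return "no reply on UDP/53: server not responding or firewall blocking"
    rcode, truncated, answers = classify(reply)
    if truncated:
        try:
            with socket.create_connection((server, 53), timeout) as tcp:
                tcp.sendall(struct.pack("!H", len(query)) + query)
                stream = tcp.makefile("rb")
                (length,) = struct.unpack("!H", stream.read(2))
                rcode, _, answers = classify(stream.read(length))
        except (OSError, struct.error):
            return "UDP reply truncated and TCP/53 retry failed: check TCP port 53"
    if rcode == "SERVFAIL":
        return "SERVFAIL: server is up but could not resolve upstream"
    return "%s with %d answer(s)" % (rcode, answers)

# Constructed sample replies (header only) for checking classify() offline.
SAMPLE_SERVFAIL = struct.pack("!6H", 0x1234, 0x8182, 1, 0, 0, 0)
SAMPLE_TRUNCATED = struct.pack("!6H", 0x1234, 0x8380, 1, 0, 0, 0)

if __name__ == "__main__":
    print(probe("192.168.11.1", "www.example.com"))
```

Run it from a client against 192.168.11.1, then from the DNS server itself against each configured forwarder, to see whether the failure sits at the server, at the firewall or upstream.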
