Solved

DNS zone forwarding win svr 2003

Posted on 2009-04-03
Last Modified: 2012-06-27
I need to find a way somehow for just 1 site.

It's mitelxxxx.com

But I have a machine that, when ANYone internally at my office needs to connect to ya.mitelxxxx.com, I need it to forward to an internal IP instead of an external one.

So, like, ya.mitelxxxx.com to get to 192.168.14.2 instead of using the public DNS server to resolve it to a 64.xx.xx.224 address.

I've tried creating a new zone but I'm really lost on how to do it. I tried to find steps but no one really tries what I'm trying...

Thanks

Question by:ritztech
9 Comments
 
LVL 12

Expert Comment

by:NetAdmin2436
ID: 24064252
0
 

Author Comment

by:ritztech
ID: 24064452
Now, does it mean just for the standard mitelxxxx.com, or can I do it for ya.mitelxxxx.com and a different internal address for tw.mitelxxxx.com?


Thanks ; )
0
 
LVL 5

Expert Comment

by:mrmarkfury
ID: 24064912
I'm pretty sure you can get granular with conditional forwarders:
ya.mitelxxxx.com -> 1.1.1.1
tw.mitelxxxx.com -> 2.2.2.2
0
 
LVL 6

Expert Comment

by:bdesmond
ID: 24072238
Correct, you can granularly configure conditional forwarders in that manner; however, this is fundamentally not the solution to the OP's question (as I understand it anyway).

I would create a Primary Zone in DNS called mitelxxxx.com, and then create two A records, one called ya and one called tw and specify the IPs you want.

Thanks,
Brian Desmond
Active Directory MVP
0
 

Author Comment

by:ritztech
ID: 24072806
If I do it that way it says something about reverse zone.... Thanks
0
 
LVL 6

Expert Comment

by:bdesmond
ID: 24072807
OK so what is the message? Paste it here...

Thanks,
Brian Desmond
Active Directory MVP
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24075966

Probably says that it failed to create / update the PTR record in the Reverse Lookup Zone. The box is "probably" ticked when creating the records (it remembers the last state of the box) through the GUI. If that is the case it can be ignored.

If you still need to allow access to everythingelse.mitelxxx.com then you may need to change things slightly. But if what you have now is working then it can stay.

Chris
0
 

Author Comment

by:ritztech
ID: 24099216
Well, the odd thing is it was working for a little bit, then just died..... So I changed my DNS server, because it had primary 192.168.11.1 as my server and the 204.xx.xx.xx as the secondary. When I just allowed my primary and not the secondary, it wouldn't even let me get out on the internet, so I think there is something wrong with my DNS server. The DHCP on it hands out 2 DNS:

Primary       192.168.11.1
Secondary  204.xx.xx.xx

So I'm thinking it can't connect to the first one, so it goes to the secondary..


Thanks; )
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 24105343

Is this an Active Directory domain? If it is you should really only have your clients (and servers) use DNS servers that can answer for the Active Directory domain name. If you don't you are likely to run into authentication issues and general problems finding the domain.

If that is the case, and 11.1 is your server then we need to fix it. A few things spring to mind immediately:

1. In the DNS Console, Server Properties, Check Forwarders. If you're forwarding to servers that no longer respond then 11.1 will not be able to resolve public names.

2. Check your Firewall. If your DNS server cannot resolve public names it's possible that this is due to firewall rules preventing it gaining external access. At least outbound UDP Port 53 needs to be open. Ideally TCP Port 53 should also be open (used when a response overflows the UDP limit).

3. If it's not using Forwarders, and the Firewall allows everything, check the Root Hints tab. To resolve public names it should contain entries for a.root-servers.net to m.root-servers.net (13 of them in all).

Chris
0
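A way to check the points raised above from a client or from the DNS server itself, as an added example that is not part of the original thread: it sends a raw A query to a chosen server over UDP or TCP port 53 and interprets the reply. The function names and result labels are this example's own; "shadowed" covers the case where the server hosts a zone for the whole domain, so it answers NXDOMAIN authoritatively for names missing from that zone instead of forwarding them.

```python
import socket, struct

def build_query(name, qid=0x1234):
    """Encode a recursive A-record query in DNS wire format."""
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + b"\x00\x00\x01\x00\x01"

def skip_name(msg, off):
    """Return the offset just past a name (plain labels or a compression pointer)."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def parse_response(msg):
    """Return (rcode, authoritative, truncated, IPv4 answers) from a raw reply."""
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    addrs, off = [], 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4                  # skip QTYPE and QCLASS
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack_from(">HHIH", msg, off)
        if rtype == 1 and rdlen == 4:                  # A record
            addrs.append(socket.inet_ntoa(msg[off + 10:off + 14]))
        off += 10 + rdlen
    return flags & 0xF, bool(flags & 0x0400), bool(flags & 0x0200), addrs

def ask(server, name, tcp=False, timeout=3.0):
    """Query server port 53 over UDP or TCP; raises on timeout or refusal."""
    q = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM if tcp else socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((server, 53))
        s.sendall(struct.pack(">H", len(q)) + q if tcp else q)  # TCP: 2-byte length prefix
        if not tcp:
            return parse_response(s.recv(4096))
        f = s.makefile("rb")
        return parse_response(f.read(struct.unpack(">H", f.read(2))[0]))

def classify(reply, expected=None):
    """Interpret one parsed reply from the internal DNS server."""
    rcode, authoritative, _, addrs = reply
    if rcode == 3 and authoritative:       # NXDOMAIN from a locally hosted zone
        return "shadowed"
    if rcode != 0 or not addrs:            # SERVFAIL, REFUSED or an empty answer
        return "failed"
    if expected is None:
        return "resolved"
    return "override active" if expected in addrs else "override missing"
```

With the addresses from the thread, `classify(ask("192.168.11.1", "ya.mitelxxxx.com"), expected="192.168.14.2")` checks the internal override, and the same call without `expected` for another name in the domain or a public name shows whether it is shadowed, resolved or failing. Run on the DNS server against one of its forwarders, with and without `tcp=True`, it tests outbound UDP and TCP port 53 through the firewall.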
