Redirect requests to external domain to an internal server

Posted on 2009-12-18
Last Modified: 2012-05-08
Windows 2003 domain
DNS AD integrated Zone.
internal Zone name:

We had a site hosted outside named "". We decided to host this site in our network, so we made the changes in the external DNS zone of ""  to point to this site with a Public IP that is part of the subnet assigned to us by our ISP. When our internal users try to access ""  they can't.  I created an "A" record in the internal "" zone trying to redirect the internal requests to the internal IP of the server where the site is hosted but it would not work.  To make it work our user would need to type instead of  . Question:

Could I create another primary zone in our internal DNS (AD integrated perhaps?) called "" , then create the www record that points to the internal server? Then our users would get redirected to the internal site without trying to access this site externally? I am not sure about creating another primary forward lookup zone for a zone that we do not host in the same DNS server integrated with Active Directory.

Thanks in advance for your help,

Question by:JohnRamz

    Expert Comment

    You do need to create a zone on your DNS server for and the A records for any host that you serve internally will need to point to your internal IP address.

    However, you will need to add other A records for  For any host name in that zone that you access from inside your network you will need to add that host name to your zone.

    Author Comment



    Thanks for your answer. Does it matter if it is AD integrated or not? In regard to "For any host name in that zone that you access from inside your network you will need to add that host name to your zone.", you mean like if later we decide to create a different site like: "" , then

    - if we host it outside we would need to point that internal A record in that zone  to whatever was pointed to in the external DNS zone.

    - If we host it inside then we would do the same as what you suggested in your first part of the reply above.

    Again, I am making sure I understood your reply, and please clarify if this new primary forward lookup zone should be AD integrated or not. Does it matter either way?



    Accepted Solution

    The new primary zone does not need to be AD integrated as it is not an AD domain, it is just a "plain IP domain name space" and you don't need to do any type of automatic DNS update for the new zone.  You are only going to have one, or a few, host names in that zone.

    Do you ever send e-mail to that domain name?  If so, then you will also need to define MX records and A names as needed so that you can send e-mail.

    Now, I am not sure if the Windows DNS server can do this, but some DNS servers can be set up so that they return different results based on where (based on IP address) the query came from.  So it might be possible to set up your DNS server to be a secondary zone for and then you set up entries as needed to return your internal IP address for any hosts that are on your inside network.  This type of setup is called:  split zone, split brain, and/or split horizon.  Doing this makes it easier to maintain the zone as all you need to do is maintain the entries for hosts that are on your internal network; the external hosts are handled by the "real" DNS entries.
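The following is an added example, not part of the original thread. It models the caveat in the accepted solution: once the internal server holds a primary zone for the public name, it answers only from its own records, so every externally hosted name and MX record has to be copied in and kept in sync. The domain `example.com`, the host names and all addresses are constructed placeholders.

```python
# Constructed sample data: placeholders, not values from the thread.
EXTERNAL_ZONE = {  # what the public DNS for the domain publishes
    ("www", "A"): ["203.0.113.10"],
    ("mail", "A"): ["198.51.100.25"],
    ("shop", "A"): ["198.51.100.80"],
    ("@", "MX"): ["10 mail.example.com."],
}
INTERNAL_ZONE = {  # the new internal primary zone holding only the override
    ("www", "A"): ["10.0.0.5"],
}
INTERNAL_HOSTED = {"www"}  # names deliberately pointed at internal addresses


def resolve_internal(name, rtype, internal):
    """The internal server is authoritative for the zone: it answers only from
    its own data and never forwards, so a missing record returns None."""
    return internal.get((name, rtype))


def audit_shadow_zone(external, internal, internal_hosted):
    """Compare the internal copy with the public zone.

    missing   -> published externally but unresolvable for internal clients
    drifted   -> copied internally but no longer matching the public value
    overrides -> intentional internal answers for internally hosted names
    """
    missing, drifted, overrides = [], [], []
    for (name, rtype), ext_values in sorted(external.items()):
        int_values = resolve_internal(name, rtype, internal)
        if int_values is None:
            missing.append((name, rtype))
        elif name in internal_hosted:
            overrides.append((name, rtype))
        elif sorted(int_values) != sorted(ext_values):
            drifted.append((name, rtype))
    return missing, drifted, overrides


def records_to_add(external, missing):
    """Records that must be created internally to restore resolution."""
    return {key: external[key] for key in missing}


if __name__ == "__main__":
    missing, drifted, overrides = audit_shadow_zone(
        EXTERNAL_ZONE, INTERNAL_ZONE, INTERNAL_HOSTED)
    print("missing:", missing)
    print("drifted:", drifted)
    print("overrides:", overrides)
```

Running the audit after every change to the public zone catches the two failure modes of a manually maintained shadow zone: names that never got copied and copies that have gone stale.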

    Author Comment

    It worked. Thanks!

    Author Closing Comment

    This expert is even willing to help during weekends and Christmas season on top of it.  Very few of the experts do that.
