Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Redirect requests to external domain to an internal server

Posted on 2009-12-18
Medium Priority
Last Modified: 2012-05-08
Windows 2003 domain
DNS AD integrated Zone.
internal Zone name: companyA.com

We had a site hosted outside named "companyB.com". We decided to host this site in our network, so we made the changes in the external DNS zone of "companyB.com"  to point to this site with a Public IP that is part of the subnet assigned to us by our ISP. When our internal users try to access "companyB.com"  they can't.  I created an "A" record in the internal "companyA.com" zone trying to redirect the internal requests to the internal IP of the server where the side is hosted but it would not work.  To make it work our user would need to type http://companyB.com.companyA.com instead of http://companyB.com  . Question:

Could I create another primary zone in our internal DNS(AD integrated perhaps?) called "companyB.com" , then create the www record that points to the internal server? then our users would get redirected to the internal site without trying to access this site extermally? I am not sure about creating another primary forward lookup zone for a zone that we do not host in the same DNS server integrated with Active Directory

Thanks in advance for your help,

Question by:JohnRamz
  • 3
  • 2
LVL 57

Expert Comment

ID: 26087163
You do need to create a zone on your DNS server for companyB.com and the A records for any host that you serve internally will need to point to your internal IP address.

However, you will need to add other A records for companyB.com.  For any host name in that zone that you access from inside your network you will need to add that host name to your companyB.com zone.

Author Comment

ID: 26087228


Thanks for your answer. Does it matter if it is AD integrated or not? . In regard to " For any host name in that zone that you access from inside your network you will need to add that host name to your companyB.com zone." you mean like if it later we decide to create a different site like : "customer.companyb.com" , then

- if we host it outside we would need to point that internal A record in that zone  to whatever was pointed to in the external DNS zone.

- If we host it inside then we would do the same as what you suggested in your first part of the reply above.

Again, I am making sure I understood your reply and please clarify if this new primary lookup forward zone should be AD integrated or not? does it matter either way?


LVL 57

Accepted Solution

giltjr earned 2000 total points
ID: 26087585
The new primary zone does not need to be AD integrated as it is not a AD domain, it just a "plain IP domain name space" and you don't need to do any type of automatic DNS update for the new zone.  You are only going to have a one, or a few, host names in that zone.

Do you ever send e-mail to that domain name?  If so, then you will also need to define MX records and A names as needed so that you can send e-mail.

Now, I am not sure if the Windows DNS server can do this, but some DNS servers can be setup so that they return different results based on where (based on IP address) the query came from.  So it might be possible to setup your DNS server to be a secondary zone for companyB.com and then you setup entries as needed to return your internal IP address for any hosts that are on your inside network.  This type of setup is called:  split zone, split brain, and/or split horizon.  Doing this makes it easier to maintain the zone as all you need to do is maintain the entries for hosts that are on your internal network, the external hosts are handled by the "real" DNS entries.

Author Comment

ID: 26097946
It worked. thanks!

Author Closing Comment

ID: 31667983
This expert is even willing to help during weekends and Christmas season on top of it.  Very few of them of the experts do that.

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question