90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!
Manual Entry for DNS
Hi I have inherited a domain which is in the format of companyname.co.uk not .local. The company use OWA which is accessed by http/s://name.companyname.
IPAD/Phone users work fine externally but not when connected to the local LAN as the setup in the device is looking for the external IP not internal.
IS their anyway i can add http/s://name.companyname.
It is on a MS 2003 server with full AD.
Many thanks.
IPAD/Phone users work fine externally but not when connected to the local LAN as the setup in the device is looking for the external IP not internal.
IS their anyway i can add http/s://name.companyname.
It is on a MS 2003 server with full AD.
Many thanks.
Asked:
-
20
18
13- +2
3 Solutions
If I understood correctly your situation, you need to create a DNS zone on your internal DNS server, for companyname.com domain. Add an A record for your mail server to this zone and there you are.
I have tried that, i can ping name.companyname.com and it resolves fine to the internal IP address but when i add http:// before it it still tries to access the internet and external IP address. I have tried to add an A record with http://name.companyname.com but obviously it does not allow me to do this.
Are you using a proxy? What DNS settings does the proxy use?
Check the results of nslookup, instead of ping.
Check the results of nslookup, instead of ping.
if i use nslookup, set q=any then query name.companyname.com it resolves to the internal IP address. The server nslookup uses is the DC on the domain.
sorry if i ping name.companyname.com from my PC it resolves to the external IP. Is it possible that DNS just hasn't updated on my PC. I have flushed the DNS cache.
It sounds like you have done it right if you can ping it and get the internal IP.
There is no reason your browser should be going to the outside IP. You don't have any proxy settings in your browser do you?
Try closing all browser windows. Clean your cache out.
Go to CMD and do: ipconfig /flushdns
Then going to the site again.
If you DO have proxy settings in IE then you will find that your web browser will only use DNS results provided to it by the proxy server.
There is no reason your browser should be going to the outside IP. You don't have any proxy settings in your browser do you?
Try closing all browser windows. Clean your cache out.
Go to CMD and do: ipconfig /flushdns
Then going to the site again.
If you DO have proxy settings in IE then you will find that your web browser will only use DNS results provided to it by the proxy server.
Sorry, i can nslookup and get the internal IP but if i ping i get the external. I have flushed the DNS cahce using ipconfig/flusdns but if i ping name.companyname.com it resolves to the external IP addres.
wait a sec... I'm sorry. If you are pinging and getting back the EXTERNAL IP then it is not right.
Do you have multiple DNS servers set on your PC? (if you do ipconfig /all is one of the DNS servers an external DNS server or your firewall?)
Windows may take turns and use the secondary DNS server sometimes to query. Do another nslookup and use the 'server xxx.xxx.xxx.xxx' command to change the server to be the second DNS server and retest your query.
Do you have multiple DNS servers set on your PC? (if you do ipconfig /all is one of the DNS servers an external DNS server or your firewall?)
Windows may take turns and use the secondary DNS server sometimes to query. Do another nslookup and use the 'server xxx.xxx.xxx.xxx' command to change the server to be the second DNS server and retest your query.
No, in this case, if nslookup is correct, while ping isn't, it means that you have problems with netbios name resolution. Do you have WINS servers on your network? Let's try this: can you please create an item in your hosts file?
Like this: open %systemroot%/drivers/etc/h
create the object IP_internal_address website.name
Like this: open %systemroot%/drivers/etc/h
create the object IP_internal_address website.name
no conflicting entries dns appears to have replicated between the servers. but if i use nslookup server xxx.xxx.xxx.xxx i get a timeout.
No, i'm sorry if your confused but if your internal domain and external domain are different as they appear to be then netbios has nothing to do with it.
Windows tries DNS before it tries NETBIOS in order of query attempts. If you have any HOSTS file records for that DNS entry then remove them.
Start -> Run...
notepad c:\windows\system32\driver
Windows tries DNS before it tries NETBIOS in order of query attempts. If you have any HOSTS file records for that DNS entry then remove them.
Start -> Run...
notepad c:\windows\system32\driver
when i said server xxx.xxx.xxx.xxx I mean the xxx.xx.xx.xxx should be the IP address of the second server, the one you wish to query.
if you did use the IP in that command and still you are getting timeouts then your DNS server is not responding and that's a good place to start troubleshooting.
Also in the DNS snap-in on your servers right-click on the server object and choose "Clear DNS Cache".
if you did use the IP in that command and still you are getting timeouts then your DNS server is not responding and that's a good place to start troubleshooting.
Also in the DNS snap-in on your servers right-click on the server object and choose "Clear DNS Cache".
oh I just re-read your post. "nslookup server xxx.xxx.xxx.xxx " is not one command.
open the CMD.
then type 'nslookup' by itself.
the prompt should change.
then do the 'server x.x.x.x' command where the x.x.x.x is the IP of the server you wish to query.
open the CMD.
then type 'nslookup' by itself.
the prompt should change.
then do the 'server x.x.x.x' command where the x.x.x.x is the IP of the server you wish to query.
After 'server x.x.x.x' command then you will tell nslookup to change servers. then (without exiting nslookup) just type the name you wish to query (name.companyname.com) and hit enter.
right both DNS servers resolve the name.companyname.com to the correct internal IP address. However when i ping i get the external IP
you should be doing these nslookup queries on your PC, right?
not the server...
and when you do ipconfig /all on your PC, the DNS servers you see displayed should be those two internal servers and not any others... right?
not the server...
and when you do ipconfig /all on your PC, the DNS servers you see displayed should be those two internal servers and not any others... right?
yep all correct on my PC, both IP's of the DNS servers have been checked using NSlookup and they both resolve to the internal IP.
@FP: Run IPConfig /ALL
Check that the ONLY DNS Server IP Addresses listed are those of your two internal DNS servers. I'm guessing that your probably on a wireless network or have an ISP DNS server configured on one of your NICs as a DNS Server.
Check that the ONLY DNS Server IP Addresses listed are those of your two internal DNS servers. I'm guessing that your probably on a wireless network or have an ISP DNS server configured on one of your NICs as a DNS Server.
i have flushed the local cache, still remains the same fine on nslookup but not ping. Where else should i be looking?
something is not making sense here...
wait a sec... are you connected to a VPN tunnel? you're sure you don't have any other active network adapters on this PC?
you could also have spyware on your PC which is redirecting your DNS queries to an outside host via an infected winsock (tcp/ip stack). Try a different PC. If you think you do have a corrupted winsock then use one of the steps in the two solutions listed here: http://www.experts-exchange.com/Networking/Protocols/Transport/TCP-IP/Q_26273278.html
Please double-check that there is no proxy settings either by going to Control Panel -> Internet Options -> Connections tab -> LAN Settings -> everything should be unchecked.
Some viruses will also add proxy settings in there for you.
wait a sec... are you connected to a VPN tunnel? you're sure you don't have any other active network adapters on this PC?
you could also have spyware on your PC which is redirecting your DNS queries to an outside host via an infected winsock (tcp/ip stack). Try a different PC. If you think you do have a corrupted winsock then use one of the steps in the two solutions listed here: http://www.experts-exchange.com/Networking/Protocols/Transport/TCP-IP/Q_26273278.html
Please double-check that there is no proxy settings either by going to Control Panel -> Internet Options -> Connections tab -> LAN Settings -> everything should be unchecked.
Some viruses will also add proxy settings in there for you.
Open the DNS console, select view set it to "advanced" and checked "cached lookups", expand ".com" then look for "companyname", see if it exists if it does delete it.
@MojoTech: Yeah but I already told him above to right click on the server object and clear the entire cache and I think he did.
I cleared the cached however, i have looked under the advanced view on the companyname under .com and it has an A record with the external IP address in.
Should i delete this?
Should i delete this?
you should not see any entries in the cache at all for companyname.com unless you actually never cleared the server cache. You should definitely delete it and the whole comanyname.com (under the cache only of course) but if you really did clear the server's cache before then it will probably reappear the next time you query it.
If it reappears in the cache then this means your zone you created is not working right or was improperly created. A zone that exists on the DNS server will not show up in that cache.
If it reappears in the cache then this means your zone you created is not working right or was improperly created. A zone that exists on the DNS server will not show up in that cache.
ok i have cleared the cache again and the entry has gone. I have cleared the cache on all servers and flushed my PC it still all points to the external IP when i ping :-(
Also do a properties on your server name in the DNS snap-in and check if you have any DNS forwarders. You should not have any, especially not a domain specific forwarder for companyname.com!
If it was re-chaced then it is being pulled externally so check that on your dns server you do actually have the zone that reads only as
"companyname.com"
and it that zone you have an a record that reads only "name" (or whatever you use) pointing to the internal IP
"companyname.com"
and it that zone you have an a record that reads only "name" (or whatever you use) pointing to the internal IP
yes it has re-cached it. i have looked under forward lookup zones, domainname.co.uk and in there the is a com with a + beside it, i click the + and the external domainname is there (companyname)
well if its returning that external IP then its not the records in the zone but the zone itself which is being ignored.
you sure there's no typo in the zone name or like MojoTech said, that it says exaclty "companyname.com" and nothing else?
you sure there's no typo in the zone name or like MojoTech said, that it says exaclty "companyname.com" and nothing else?
"yes it has re-cached it. i have looked under forward lookup zones, domainname.co.uk and in there the is a com with a + beside it, i click the + and the external domainname is there (companyname)"
This is a config issue this zone should not appear as .com under the existing zone "domainname.co.uk "
You need to right click the DNS Server and select "new zone" run through the wizard, make it forward and AD Intergrated and create a new zone called "companyname.com" then create the A record in that zone.
This is a config issue this zone should not appear as .com under the existing zone "domainname.co.uk "
You need to right click the DNS Server and select "new zone" run through the wizard, make it forward and AD Intergrated and create a new zone called "companyname.com" then create the A record in that zone.
He's quite right. It should be it's own entry in the DNS cache directly under "com" not under anything else.
Perhaps you accidentally created it as a subdomain to your primary domain...?
not sure why it would pass an nslookup test... primary domain suffix comes into play in an nslookup query...?
Perhaps you accidentally created it as a subdomain to your primary domain...?
not sure why it would pass an nslookup test... primary domain suffix comes into play in an nslookup query...?
BTW once done you will have to flush the caches again, but just start on the server to prove it is working then tackle the clients.
Ok i know were i went wrong i created just a new A record not a new zone first. I have created the new zone added an A record for the website! as i couldn't access that. Is there anything i need to add?
If it's 2003 server, choose Primary and there will be a checkbox below which says "store the zone in active directory".
If you instead see an option for active directory integrated by itself then choose that. I forget at which versions they changed the wizard but it will be one or the other.
If you instead see an option for active directory integrated by itself then choose that. I forget at which versions they changed the wizard but it will be one or the other.
That should be it FattyPo, unlees you need other records, if your company website is external you would need a www records in that zone pointing to the external IP and so on or any external recources, anything host externally for companyname.com will not get resolved now you have created a zone unless you have records for them, these records can point internal or external, but any client using your dns server to resolve anything for comapnname.com will only look at the zone you just created, so anything which does not have a record in that zone will not get resolved.
you will need to manually add A records for everything that your external DNS servers are taking care of for "companyname.com". i.e. if there's a WWW.companyname.com then add that. if there's a ftp.companyname.com then add that and so on. Also you can make just plain "companyname.com" point to something by creating an A record and typing nothing in the "Name:" blank. Probably you also want that to point to your company website.
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
Featured Post
The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.
Tackle projects and never again get stuck behind a technical roadblock.
Join Now
This is very common set up