Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1434
  • Last Modified:

Can't access external website over internal domain

Hi,

SBS 2008 - new setup

DOMAIN NAME:   companysafety.com
IP:   64.23.137.246 (3rd party webhost IP)

A RECORD:   www.companysafety.com
IP:   64.23.137.246 (3rd party webhost IP)

- webhost does not control domain name
- webhost uses shared IP / storage for websites


A RECORD:   remote.companysafety.com
IP:   62.35.125.210 (Static WAN IP of Server)
- used for Remote Web Workplace, Outlook Web Access, Remote Desktop etc.

MX RECORD:   mail.companysafety.com
IP:   62.35.125.210 (Static WAN IP of Server)
- used for Exchange


Server Domain:   company.local
Server IP / DNS:   192.168.15.1
DHCP enabled through Server

Client machines logged onto the server cannot access "www.companysafety.com", even though it's located offsite on a separate WAN IP.
However, when the Client machine is using a different DNS address (ISP's DNS supplied through the router), it can see "www.companysafety.com"
Anyone using a separate internet connection can also see "www.companysafety.com"

Does anyone know what's causing this issue and how I can fix it?

Thanks
   
 
0
Clownie669
Asked:
Clownie669
  • 4
  • 2
  • 2
2 Solutions
 
ddiazpCommented:
do:

nslookup
server 4.2.2.2
www.companysafety.com  (or whatever domain you're working with)
(record IP in output)


Does this IP match what you have on your A record (www) under the companysafety.com zone?


When your clients query DNS for a domain, if your DNS server has that domain configured, the server will take control of any query to that domain.

For example, if you add a zone microsoft.com, and your clients query update.microsoft.com or *.*.microsoft.com for that matter, DNS will fail unless you have the matching records.
0
 
InsideviewM.D.Commented:
If you  check the forward lookup zone on the server and enter a Cname for Www pointing it to the external address it should work after a reboot
0
 
Clownie669Author Commented:
The server is currently down.  I'll be going in later tonight to finish the setup.
I'll try your suggestion.

Thanks
0
Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

 
Clownie669Author Commented:
I went to "DNS" through "Administrative Tools" and expanded the "Forward Lookup Zones"
There are 4 listings:

_msdcs.company.local
company.local
companysafety.com
remote.companysafety.com

I added a "New Host (A or AAAA)..." record to all except "_msdcs.company.local" and rebooted the server.
Didn't work.

I'm new to this.  
Which listing am I supposed to add the new record too?
- "remote.companysafety.com" is the current public domain I setup using the "Set up your Internet address" wizard in the SBS Console
- company.local is the local domain
- "companysafety.com" is the old public domain I setup using the wizard.


Thanks
0
 
InsideviewM.D.Commented:
Ah perhaps the 4 are the problem,
On my server I only have 2 in the forward lookup
_msdcs.mycompany.local
and
mycompany.local
perhaps if you companysafe.com were removed the computers inside the LAN would be forced to look outside on the WAN for the website
0
 
ddiazpCommented:
what do you get when you do :

nslookup www.companysafety.com

on the client machines?

and what do you get when you do:

nslookup
server 4.2.2.2
www.companysafety.com

on the client machiines?


The result must match - if it doesn't, you haven't added an 'A' record "www" with the correct IP.

When you add the A record make sure to name it "www" and not "www.companysafety.com" (DNS will append the domain name to the record).

Also, check the hosts file for the clients to make sure there's no entry for www.companysafety.com pointing somewhere else:

C:\WINDOWS\system32\drivers\etc\hosts
0
 
Clownie669Author Commented:
Sorry for not responding sooner.

I was having another issue getting a trusted SSL Cert approved.
I'll have access to the server later tonight and will try your suggestions.


Thanks
0
 
Clownie669Author Commented:
Sorry for not responding sooner...again.

The solutions provided by Insideview and ddiazp were correct.


Thanks again!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

  • 4
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now