Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Can't access external website over internal domain

Posted on 2010-09-19
Medium Priority
Last Modified: 2012-08-13

SBS 2008 - new setup

DOMAIN NAME:   companysafety.com
IP: (3rd party webhost IP)

A RECORD:   www.companysafety.com
IP: (3rd party webhost IP)

- webhost does not control domain name
- webhost uses shared IP / storage for websites

A RECORD:   remote.companysafety.com
IP: (Static WAN IP of Server)
- used for Remote Web Workplace, Outlook Web Access, Remote Desktop etc.

MX RECORD:   mail.companysafety.com
IP: (Static WAN IP of Server)
- used for Exchange

Server Domain:   company.local
Server IP / DNS:
DHCP enabled through Server

Client machines logged onto the server cannot access "www.companysafety.com", even though it's located offsite on a separate WAN IP.
However, when the Client machine is using a different DNS address (ISP's DNS supplied through the router), it can see "www.companysafety.com"
Anyone using a separate internet connection can also see "www.companysafety.com"

Does anyone know what's causing this issue and how I can fix it?

Question by:Clownie669
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
LVL 10

Expert Comment

ID: 33712027

www.companysafety.com  (or whatever domain you're working with)
(record IP in output)

Does this IP match what you have on your A record (www) under the companysafety.com zone?

When your clients query DNS for a domain, if your DNS server has that domain configured, the server will take control of any query to that domain.

For example, if you add a zone microsoft.com, and your clients query update.microsoft.com or *.*.microsoft.com for that matter, DNS will fail unless you have the matching records.

Accepted Solution

Insideview earned 500 total points
ID: 33712331
If you  check the forward lookup zone on the server and enter a Cname for Www pointing it to the external address it should work after a reboot

Author Comment

ID: 33712366
The server is currently down.  I'll be going in later tonight to finish the setup.
I'll try your suggestion.

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.


Author Comment

ID: 33713836
I went to "DNS" through "Administrative Tools" and expanded the "Forward Lookup Zones"
There are 4 listings:


I added a "New Host (A or AAAA)..." record to all except "_msdcs.company.local" and rebooted the server.
Didn't work.

I'm new to this.  
Which listing am I supposed to add the new record too?
- "remote.companysafety.com" is the current public domain I setup using the "Set up your Internet address" wizard in the SBS Console
- company.local is the local domain
- "companysafety.com" is the old public domain I setup using the wizard.


Expert Comment

ID: 33714106
Ah perhaps the 4 are the problem,
On my server I only have 2 in the forward lookup
perhaps if you companysafe.com were removed the computers inside the LAN would be forced to look outside on the WAN for the website
LVL 10

Assisted Solution

ddiazp earned 500 total points
ID: 33717353
what do you get when you do :

nslookup www.companysafety.com

on the client machines?

and what do you get when you do:


on the client machiines?

The result must match - if it doesn't, you haven't added an 'A' record "www" with the correct IP.

When you add the A record make sure to name it "www" and not "www.companysafety.com" (DNS will append the domain name to the record).

Also, check the hosts file for the clients to make sure there's no entry for www.companysafety.com pointing somewhere else:


Author Comment

ID: 33718744
Sorry for not responding sooner.

I was having another issue getting a trusted SSL Cert approved.
I'll have access to the server later tonight and will try your suggestions.


Author Closing Comment

ID: 33804846
Sorry for not responding sooner...again.

The solutions provided by Insideview and ddiazp were correct.

Thanks again!

Featured Post

Tech or Treat!

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question