?
Solved

Why won't my internal DNS Host (A) record work right?

Posted on 2011-03-03
33
Medium Priority
?
813 Views
Last Modified: 2012-05-11
Hello,
 I've setup an internal Host (A) record to point to our external webserver. The record is portal.mydomain.com
Internally I can ping this FQDN and it resolves properly to the external IP. Nslookup also reports the internal dns server and points to our external server. When opening a browser internally and typing in the FQDN it says page cannot be displayed. BUT...........
If I'm outside of our network and type it in a browser it DOES bring up the correct page. I did enter in a dns record for this site in our external dns provider.
So the page comes up fine externally but not internally. I've flushed my dns.
Anything else to check?
Thanks,
BW
0
Comment
Question by:bwinkworth
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 10
  • 9
  • +2
33 Comments
 
LVL 6

Expert Comment

by:itnetworkn
ID: 35028258
If your inside you domain when you try to connect to it why don't you just set up DNS to point to the internal IP address?
0
 
LVL 17

Expert Comment

by:Chris Millard
ID: 35028295
Trying creating a CNAME instead of an A record
0
 

Author Comment

by:bwinkworth
ID: 35028298
The internal DNS record points to an external IP (our webserver) which is hosted elsewhere. All other Host records work like www and test.mydomain.com. Possible that 'portal' is some kind of new reserved word in 2008?

Thanks,
0
Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

 
LVL 5

Expert Comment

by:jhill777
ID: 35028304
So is the computer you're working on configured to use the internal DNS server for DNS?
0
 

Author Comment

by:bwinkworth
ID: 35028387
jhill777: Yes my internal computer I'm using here at work has my 2 internal dns servers listed when I do an 'ipconfig /all'
roybridge: I'll try a cname

Thanks
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 35028426

> Trying creating a CNAME instead of an A record

Don't bother, it won't have any effect. Besides, what would you alias to?

If both Ping and NsLookup return the right answer you can rule out DNS entirely. It would be worth finding out what's giving you the page cannot be displayed message. Perhaps run "telnet portal.mydomain.com 80" if it's HTTP or "telnet portal.mydomain.com 443" if it's HTTPS. If those don't connect you have a network problem, not a DNS problem.

Chris
0
 
LVL 5

Expert Comment

by:jhill777
ID: 35028507
What do you have entered in the "Host" field and FQDN field of the A record exactly?  This A record is within your "mydomain" zone, right?  And your "mydomain zone" is the same "mydomain" as portal.mydomain.com, right?
0
 

Author Comment

by:bwinkworth
ID: 35028689
Host field is had the word 'portal' w/o the quotes. The FQDN field fills itself as I'm typing in the portal word in the Host field so FQDN says portal.mydomain.com (I'm substituting my real domain name with 'mydomain' FYI)
Yes the A record is within the 'mydomain' zone and yes the domain zone is identical to the portal.mydomain.com.
Telnet doesn't seem to be doing anything no matter what port I put in on any of our websites
portal-properties.JPG
0
 
LVL 5

Expert Comment

by:jhill777
ID: 35028743
From the external computer I assume you're using IE, yeah?  You enter portal.mydomain.com and it takes you where you want to go.  Does it change the URL to http://portal.mydomain.com, https: or www?
0
 

Author Comment

by:bwinkworth
ID: 35028798
Yes I'm using IE. Externally when I enter portal.mydomain.com it does take me where I want to go. It changes the URL to http://www.mydomain.com/logiin/login.aspx which is where our IIS guy has configured the webpage. Please tell me it's his fault LOL

Thanks man
0
 
LVL 17

Expert Comment

by:Chris Millard
ID: 35028828
Can I just ask. Is your internal domain name mydomain.com or mydomain.local
0
 
LVL 5

Expert Comment

by:jhill777
ID: 35028835
What happens if you type that whole thing out internally in the URL?
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 35028840

Might I suggest that you make sure you can resolve "www.mydomain.com" internally since it changes the URL to that?

Chrios
0
 
LVL 5

Expert Comment

by:jhill777
ID: 35028848
Do you have an A record defined for www?  As in www.mydomain.com with the 199.x.x.x addy you provided earlier?
0
 

Author Comment

by:bwinkworth
ID: 35028872
roybridge: our internal domain is different and its a .int
jhill777: If I type out that url internally it does work. Hmmmm

0
 

Author Comment

by:bwinkworth
ID: 35028896
chris-dent: Yes www.mydomain.com does work and it brings up the page. I have an internal host record that points to the same IP that this portal one is trying to go to which is why I'm scratching my melon on this one :)

Thank you
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 35028922
The only way the URL can change is if the web server you talk to rewrites it or redirects you.

So, should you end up at that login page? Or is that login page failing to load?

Chris
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 35028930

> our internal domain is different and its a .int

Oh lucky you. Don't try and acquire a certificate including any of your internal domain names. .int is reserved for organisations formed by international treaty ;)

Completely unrelated to this though :)

Chris
0
 
LVL 5

Expert Comment

by:jhill777
ID: 35028942
Did you try kicking it?
If that doesn't work maybe scavenge old records on the DNS server?
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 35028958
lol kicking it is surely never inappropriate :)

Chris
0
 
LVL 5

Expert Comment

by:jhill777
ID: 35028993
> our internal domain is different and its a .int


So you need to have a new zone created for mydomain.com as your current zone is mydomain.int with an A record for www and an A record for portal, no?
0
 

Author Comment

by:bwinkworth
ID: 35029014
chris-dent: Niceeeeeeee lol. I'll keep that in mind
I did just talk to our web programmer and the way he has it set for the redirect is with an htaccess file which is edited with ISAPI rewrite. The contents of this file are:
# Helicon ISAPI_Rewrite configuration file
# Version 3.1.0.76

RewriteEngine on

# Redirect non-www version to www
RewriteCond %{HTTPS} (on)?
RewriteCond %{HTTP:Host} ^(?!www\.)(.+)$ [NC]
RewriteCond %{REQUEST_URI} (.+)

RewriteRule .? http(?%1s)://www.%2%3 [R=301,L]
RewriteCond %{HTTP_HOST} portal.mydomain.com
RewriteRule ^(.*)$ http://mydomain.com/login/login.aspx [L]

All jibberish to me but apparently it works.
0
 

Author Comment

by:bwinkworth
ID: 35029045
jhill777: Yes that's how it's setup. We have different zones setup under Forward Lookup Zones. Mydomain.int is our internal zone and mydomain.com is another zone. We also have a mydomain.ca
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 35029058
So lets loop all the way back:

> I've setup an internal Host (A) record to point to our external webserver. The record is portal.mydomain.com

Why? :)

And it's sending you here:

http://mydomain.com/login/login.aspx

Does that URL actually load inside your office?

Chris
0
 
LVL 5

Assisted Solution

by:jhill777
jhill777 earned 400 total points
ID: 35029065
So let's just put the full URL ( http://www.mydomain.com/logiin/login.aspx) in your favorites and name it portal.mydomain.com and select my "Kicking it" as the answer with Chris on the assist for concurring with said kick and call it a day.  lol
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 35029067

Or perhaps more to the point, if the zone is public, and the services within the zone are external, why do you need an internal version of the mydomain.com zone?

Chris
0
 
LVL 5

Expert Comment

by:jhill777
ID: 35029113
Now you're thinkin, Chris.  I concur.  Remove the mydomain.com zone.  Your DNS server for mydomain.int has forwarders configured for external DNS servers so let them handle all exteranl websites...mydomain.com being one of them.  
Kicking it should still get an assist though.  
0
 

Author Comment

by:bwinkworth
ID: 35029136
chris-dent: Yes that url loads up fine in the office. The reason why I have an internal host record pointing outside is because we have a test webserver in our DMZ that is identical to our external one for testing purposes. So test.mydomain.com would point to the 172.x.x.x but portal points outside to the 199.x.x.x
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 1200 total points
ID: 35029164

You could create a zone called "test.mydomain.com" then add a Host (A) record with a blank name and the internal IP (deleting the mydomain.com zone).

That way you only need maintain the record for test, the rest of the zone looks after itself (normal public resolution), leaving much more time for tetris or other wholesome activities :)

Chris
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 35029173

Of course, there is a point where Split-Brain becomes more desirable. I hit it with mine, continually adding zones can be higher maintenance. But for a very small number it's far less effort :)

Chris
0
 

Author Comment

by:bwinkworth
ID: 35031171
Boosting up the points
0
 

Author Closing Comment

by:bwinkworth
ID: 35031187
Chris I redid the DNS as you said and it works fine now.
jhill777 I liked your 'kickin it' plan so dropped you some points ;)
Thanks a lot everyone,
BW
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 35031459

You're welcome :)

Chris
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question