Internal users can't access external website with same domain name

Hi Folks.  Here's the deal...

Internal domain is named the same as external domain <> is hosted at is hosted internally.
Windows Server 2008 running Exchange 2007 & IIS7.  This is also a domain controller.
Internal users hit and get the blue IIS 7 page. External users have no issues accessing.
A record in internal DNS server points www to external website IP address.
2nd domain controller across town connected via sonicwall VPN also has an A record entry for www pointing to external website IP.

The only internal web hosting we're doing is Outlook Web Access.  Can anyone tell me how I can fix this so internal clients can see the externally hosted website?


Brad Howe (DevOps Manager) commented:
Having an Internal Domain the same name as the External domain is called a split DNS setup. If this is true, you will need to create a www A RECORD under a forward lookup zone for

Validate this assumption:
     nslookup    Does this yield your WAN IP or local IP of your DC?

If so, this will be a Forward lookup A Record in your local Domain zone. To create a host or "A" record:

1. Start the DNS snap-in.
2. Click the DNS Server object for your server in the left pane of the console, and then expand the server object to expand the tree.
3. Expand Forward Lookup Zones.
4. Under Forward Lookup Zones, right-click the zone that you want (for example,, and then click New Host (A).
5. In the Name (uses parent domain name if blank) box, type the name of the host that you want to add.
   For example, if you want to add a host record for a Web server, type www. In the IP address box, type the IP address
   of the host that you want to add. For example, type

6. Select the Create associated pointer (PTR) record check box, and then click Add Host. You receive a message similar to the following:
   "The host was successfully created."
7. Click OK.

DNS lookup check
 1. Open CMD and run the following
     nslookup    Should return your local webserver IP

Let us know,

RJ_Emmett (Author) commented:
I have a DNS A record entered; www points to the external IP of the ISP.  nslookup comes back with the proper external IP address.  So does pinging

I don't have any reverse DNS zones created.  Should I?

Brad Howe (DevOps Manager) commented:
You need to create a forward lookup zone regardless. - Hades666

RJ_Emmett (Author) commented:
I have forward zones.  No reverse zones.

Brad Howe (DevOps Manager) commented:
OK, if that is the case, what does NSLOOKUP return?

CMD> nslookup 

1. Internal IP
2. External IP
3. Local DC IP

What is your website Bindings setup as?

Sometimes you can get away with this by editing your hosts file (c:\windows\system32\drivers\etc\hosts) and creating an entry so that the FQDN of the external website resolves to the EXTERNAL web IP address. Start by pinging from a PC outside of your network. Record the WAN IP result. Then use Notepad to edit the hosts file and add an entry:


Save the hosts file, then try hitting the site internally. If this works, you can copy the hosts file to each workstation, or create a DNS A record entry on your DNS server.

If this does not work, let me know I will give you plan B which is more complicated and involves creating a Static Route on your firewall/router device.

RJ_Emmett (Author) commented:
I'll check the nslookup info tomorrow morning and report back.  Should I be running the nslookup internally or externally?

Brad Howe (DevOps Manager) commented:
Internally as the issue is with your internal DNS resolution.

Best Regards,

amatson78 (Sr. Security Engineer) commented:
Create a loopback for the server, a lot easier on you.

RJ_Emmett (Author) commented:
OK, so I did nslookup and the results came back like this...

Server:  localhost
Address:  ::1

Address:  123.456.789.101   <not my real IP address, but results came back with external IP

Now here's another wrinkle.  I noticed that the web design guy has the external IP pointing to the root of the domain.  So when I hit externally the URL switches to

So from my understanding it sounds like the web design guy installed the website (cpanel) into the root of the domain, thus causing all these issues.

Does that sound like a likely reason to why the internal clients can't access the external domain?  If so what do I do?  Can I create another A record internally that points the root domain ( to the external IP?  Would that blow up my MX record which points to my internal server?

RJ_Emmett (Author) commented:
I still haven't resolved this and could use some more help if not a lot more brain power here.

Is there a way to forward my internal IIS7 server's site to an external IP address?  I already have the DNS A record entry in my DNS server and on Godaddy's dns manager.  Since the internal users are still getting an IIS7 splash screen when they hit the I'd like to know if any of you guys know how to install a forwarder in IIS7.  I think that will fix it, but I don't know how to do it.

Or do you guys think I'm going in the wrong direction?

RJ_Emmett (Author) commented:
I found the fix for this...

The website was created in WordPress.  The WordPress designer had set the website root address to NOT  So, when external users hit it would repoint to on the GoDaddy server.  Internal domain users would get the IIS7 screen.

This is because both my internal domain server and godaddy's name servers thought they were the SOA and would direct traffic to their own dns servers.  So, internal users were hitting and my internal server was saying "oh, that's right here" instead of going out of my domain to godaddy. Even DNS entries on my local server weren't fixing the issue.

Here's the fix:  log in to your WordPress site and then on the left-hand side of the site expand "Settings" and click on "General".  Change the "WordPress Address URL" and "Site Address URL"  from to  Then click "Save Changes".  Blow away your cache and try hitting the website.

Hope that helps someone!!
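
An added example, not part of the original thread: a small Python model of the situation the final post describes, tracing a request through each DNS view and the WordPress redirect. The name example.com, the addresses, and the redirect from the www name to the bare domain are assumptions, since the thread's actual names are not shown.

```python
from urllib.parse import urlsplit

# Constructed sample data: example.com and the addresses are placeholders.
DC_IP, HOST_IP = "10.0.0.10", "203.0.113.20"
INTERNAL_DNS = {                      # answers from the internal AD DNS server
    "example.com": DC_IP,             # bare domain name resolves to the domain controller
    "www.example.com": HOST_IP,       # manual A record added for the external site
}
PUBLIC_DNS = {"example.com": HOST_IP, "www.example.com": HOST_IP}


def make_servers(site_url):
    """Model the two web servers; site_url is the WordPress address setting."""
    canonical = urlsplit(site_url).hostname

    def wordpress(host):
        # Assumed behaviour: any other host name is redirected to the site URL.
        if host == canonical:
            return ("content", "WordPress site")
        return ("redirect", site_url)

    def iis(host):
        return ("content", "IIS7 default page")

    return {HOST_IP: wordpress, DC_IP: iis}


def browse(url, dns, servers, max_hops=5):
    """Resolve and follow redirects the way a client using `dns` would."""
    trace = []
    for _ in range(max_hops):
        host = urlsplit(url).hostname
        ip = dns.get(host)
        trace.append((host, ip))
        if ip is None:
            return trace, "name not found"
        kind, value = servers[ip](host)
        if kind == "content":
            return trace, value
        url = value  # redirect: resolve the new host name with the same DNS view
    return trace, "too many redirects"


if __name__ == "__main__":
    for site_url in ("http://example.com/", "http://www.example.com/"):
        servers = make_servers(site_url)
        for label, dns in (("internal", INTERNAL_DNS), ("external", PUBLIC_DNS)):
            trace, page = browse("http://www.example.com/", dns, servers)
            print(f"site URL {site_url:26} {label:8} {trace} -> {page}")
```

In this model a request for the bare domain from inside the network still reaches the domain controller after the change; only the www name is served by the external host.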


RJ_Emmett (Author) commented:
See my note above