We help IT Professionals succeed at work.

SBS 2011 resolves external domain name to server LAN IP address

Medium Priority
Last Modified: 2012-04-02
Hello all

I've just set up my first SBS2011 installation and everything seems to be working except one thing: If I ping the company's externally hosted website by name the replies come back from the LAN IP address of the SBS server.

I've followed the MS recommendation to use the "remote" prefix for all remote access including email, but the server seems to be assuming that it's hosting the company website, which it most definitely isn't.

The Exchange server is quite happy to send and receive email for the company at companyname.biz, but as the server isn't resolving the companyname.biz website correctly I want to fix it to avoid problems in the future.

I've pinged no end of other domain names with all manner of TLD suffixes without any errors or problems; it's just the company external website that is not resolving correctly.

I've considered replacing the server LAN IP in the DNS forward lookup zone web server section with that of the ISP's DNS servers, but I'm reluctant to do this without taking advice first, as this is the only part of the installation that doesn't seem to be working properly.

I would very much appreciate good counsel on this issue.
Watch Question

is your Active Directory domain name the same as the website?

if so you will have to add DNS records on your internal DNS server to point to the external addresses
lojk.Net and Infrastructure Consultant

as brendan suggests adding a WWW record to point to the IP or Hostname of the website server should sort it (for internal users whose DNS server is that of the local/internal Domain Server).

The reply you are actually getting is the (lack of www) record for the root/default of the locally named domain.

Adding for clarity:

The suggestion is that the SBS server was (most likely) setup with the local domain/AD name of company.biz, whereas the suggested convention is company.local or beer.local or anything but the external name.



Thanks for your interest.

The local domain name is entirely different from the company's public domain name, and ends in .local as per MS recommended practice.

The only place that the public domain name was used during setup was when the Exchange server was being set up, so that email would be routed to the latter via remote.companyname.biz  
The email is working as expected.

If it is necessary to add or modify DNS records on the SBS box, which one(s) need to be changed?

You need to setup the the Forward Lookup zone as per your external domain and create a Host A record for you website URL with the ISP IP. When creating a zone also remember to set appropriate MX record entries for your email server.


Abdulalikhan, can you give/show me a walkthrough of exactly what I should do?

It also appears that a number of sites, especially ones that use secure connections, don't load in IE, saying "Cannot display web page", which may or may not be related to this issue.

The MX record setup appears to be correct, as the email works fine, so I don't want to fix anything that isn't broken...

Actually secure websites is not realted to this and is a different problem.

For DNS when you create a Zone for companyname.biz all the name resolution for companyname.biz for internal users will be entertained by this zone. For name resolution for companyname.biz you need to enter the proper host 'A' record or appropriate DNS record.

For your scenario you need to enter atleast two host A record,



I've just looked in the Forward Lookup Zones at the companyname.biz zone and I can see that the name server is the SBS box, and the A record is its LAN IP address.

Should I replace the A record with the IP address that I get when I ping www.companyname.biz from outside the local domain?

Or should I add another A record with this information?

Also, the name server field seems to expect a name and not an IP address, so how do I tell the zone about the ISP's name servers?

If the 'www' entry exist then modify it and point it to the public IP address. If the entry dont exist then create one with the public IP address.

No need to put the ISP server name.
DrDave242Principal Support Engineer

Just to clarify, when you say you're pinging the website by name from inside the network, are you pinging companyname.biz or www.companyname.biz?  It makes a big difference in this case.


Well, the plot thickens...

It seems that, for reasons known only to itself, the SBS setup generated a forward lookup zone for companyname.biz, in addition to the ones needed for mail, OWA, etc. at remote.companyname.biz.
I've deleted this zone, and flushed the DNS caches on the client machines, and, lo and behold, everything seems to work properly now.

I'm going to wait a day or two to make sure I haven't exchanged one problem for a dozen others, but so far it's looking good.

Hope the problem dont appear again.
Deleting the forward lookup zone for the external domain name seems to have cured the problem entirely - there have been no more DNS issues.

As the solution wasn't suggested by any of the contributors (my thanks to you all anyway), it seems reasonable to accept my own input as the answer.
If there are no objections to this I will close the question in a couple of days.


The solution wasn't suggested by any of the contributors, so it seems reasonable to accept my own input as the answer.<br />I still don't know why SBS 2011 setup added the forward lookup zone for the external domain name to the server's DNS records, but deleting it has certainly fixed the problem.