Solved

Sharepoint 2010 External Facing

Posted on 2012-03-20
12
538 Views
Last Modified: 2012-03-20
Don't we all love sharepoint, there are always questions. I have a couple about setting up for External Access to all employees so this can be used outside the local network.
But first I was doing this on local dns to check and make sure the external names would work when selecting links on different pages.  
Then my second question would be do I need one certificate for each site name or one certificate with both site names?

Things that have been Done

IIS manager the sites are set for windows Authenication.

I have alternate mapping setup in sharepoint
Default http://mysite.local.org   Internet http://mysite.domain.org
Default http://intranet.local.org  Internet  http://sharepoint.domain.org

In IIS manager
The each local site has a binding for mysite.domain.org  

In Local DNS Forward Zone
Both local Sites have A records for local.org attached to Server IP (which work)
PTR records created for mysite.domain.org pointing to ip.local.org
CNAME record created for mysite.domain.org connecting to mysite.local.org
CNAME record created for sharepoint.domain.org connecting to intranet.local.org

When I use nslookup mysite.local.org shows Server IP and the website works
nslookup on mysite.domain.org resolves mysite.local.org, ip, and aliases same results with intranet site
but when entering mysite.domain.org in the browser it doesn't show the site same with sharepoint.domain.org

It's pointing to the correct local DNS , I've done dnsflush & register, IISreset on Sharepoint, deleted temp content/cookies from internet, added to trusted sites.

Any help is appreciated. What steps am I missing.
0
Comment
Question by:thomasdavis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 6
12 Comments
 
LVL 8

Author Comment

by:thomasdavis
ID: 37743107
To add to this I configured the cross-firewall access zone in central admin so in Site information under either site is shows the correct external site
0
 
LVL 38

Assisted Solution

by:Justin Smith
Justin Smith earned 500 total points
ID: 37743858
To answer your second question.....you aren't using https, so you don't need certificates period.

I'm not clear on what your first question is.

I will say, when you add an AAM to a web app, you have to go into IIS and manually add the corresponding binding.  DId you do this?  Each of your sites in IIS should have two bindings.
0
 
LVL 8

Author Comment

by:thomasdavis
ID: 37743918
My first question is I'm trying to get the AAM names to work on the local network sharepoint.domain.org and mysite.domain.org but nether will display the site in a browser.

Yes the bindings in IIS are added to each site
mysite.local.org  = host name - mysite / port 80 / host name - mysite.domain.org / port 80

intranet.local.org = host name - intranet.local.org / port 80  / host name - sharepoint.domain.org / port 80
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 38

Expert Comment

by:Justin Smith
ID: 37743940
When you ping the domain.org names, you get the correct internal IP address?
0
 
LVL 8

Author Comment

by:thomasdavis
ID: 37743955
When using a Ping i don't the internal IP from domain.org sites
0
 
LVL 38

Assisted Solution

by:Justin Smith
Justin Smith earned 500 total points
ID: 37743965
I don't understand your response.  Are you saying when you ping the address, it doesn't resolve an IP at all?

I'm 99% sure this problem resides outside of SharePoint.  EIther DNS or network/routing.
0
 
LVL 8

Author Comment

by:thomasdavis
ID: 37744141
Right when i ping the external site address i don't receive an IP, i figured it had to do with both sharepoint and dns. I wanted to make sure everything in sharepoint was set up correctly first.
Now i need to figure out what type record in DNS needs to be created to send sharepoint.domain.org to internal.local.org or sharepoint.domain.org to 0.0.0.0.
0
 
LVL 38

Expert Comment

by:Justin Smith
ID: 37744164
Just make them CNAMES and point them to  your internal server name (not internal sp name).
0
 
LVL 8

Author Comment

by:thomasdavis
ID: 37744199
The only problem is when I create a CNAME in local dns the alias name is sharepoint.domain.org.local.org.  So do i create a sub domain in DNS called domain.org then create a cname pointing to local.org
0
 
LVL 38

Assisted Solution

by:Justin Smith
Justin Smith earned 500 total points
ID: 37744224
Do you have two forward zones in DNS?  One for domain.local, and one for domain.org?

If so, you add a CNAME to the domain.org zone called sharepoint and point it to servername.domain.local.  You do the same thing for mysite.
0
 
LVL 8

Author Comment

by:thomasdavis
ID: 37744246
I only have one for local.org .  So do I need create a sub zone with domain.org
0
 
LVL 38

Accepted Solution

by:
Justin Smith earned 500 total points
ID: 37744256
You need another forward lookup zone, for domain.org.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
In case you ever have to remove a faulty web part from a page , add the following to the end of the page url ?contents=1
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question