Solved

Sharepoint 2010 External Facing

Posted on 2012-03-20
12
534 Views
Last Modified: 2012-03-20
Don't we all love sharepoint, there are always questions. I have a couple about setting up for External Access to all employees so this can be used outside the local network.
But first I was doing this on local dns to check and make sure the external names would work when selecting links on different pages.  
Then my second question would be do I need one certificate for each site name or one certificate with both site names?

Things that have been Done

IIS manager the sites are set for windows Authenication.

I have alternate mapping setup in sharepoint
Default http://mysite.local.org   Internet http://mysite.domain.org
Default http://intranet.local.org  Internet  http://sharepoint.domain.org

In IIS manager
The each local site has a binding for mysite.domain.org  

In Local DNS Forward Zone
Both local Sites have A records for local.org attached to Server IP (which work)
PTR records created for mysite.domain.org pointing to ip.local.org
CNAME record created for mysite.domain.org connecting to mysite.local.org
CNAME record created for sharepoint.domain.org connecting to intranet.local.org

When I use nslookup mysite.local.org shows Server IP and the website works
nslookup on mysite.domain.org resolves mysite.local.org, ip, and aliases same results with intranet site
but when entering mysite.domain.org in the browser it doesn't show the site same with sharepoint.domain.org

It's pointing to the correct local DNS , I've done dnsflush & register, IISreset on Sharepoint, deleted temp content/cookies from internet, added to trusted sites.

Any help is appreciated. What steps am I missing.
0
Comment
Question by:thomasdavis
  • 6
  • 6
12 Comments
 
LVL 8

Author Comment

by:thomasdavis
ID: 37743107
To add to this I configured the cross-firewall access zone in central admin so in Site information under either site is shows the correct external site
0
 
LVL 38

Assisted Solution

by:Justin Smith
Justin Smith earned 500 total points
ID: 37743858
To answer your second question.....you aren't using https, so you don't need certificates period.

I'm not clear on what your first question is.

I will say, when you add an AAM to a web app, you have to go into IIS and manually add the corresponding binding.  DId you do this?  Each of your sites in IIS should have two bindings.
0
 
LVL 8

Author Comment

by:thomasdavis
ID: 37743918
My first question is I'm trying to get the AAM names to work on the local network sharepoint.domain.org and mysite.domain.org but nether will display the site in a browser.

Yes the bindings in IIS are added to each site
mysite.local.org  = host name - mysite / port 80 / host name - mysite.domain.org / port 80

intranet.local.org = host name - intranet.local.org / port 80  / host name - sharepoint.domain.org / port 80
0
 
LVL 38

Expert Comment

by:Justin Smith
ID: 37743940
When you ping the domain.org names, you get the correct internal IP address?
0
 
LVL 8

Author Comment

by:thomasdavis
ID: 37743955
When using a Ping i don't the internal IP from domain.org sites
0
 
LVL 38

Assisted Solution

by:Justin Smith
Justin Smith earned 500 total points
ID: 37743965
I don't understand your response.  Are you saying when you ping the address, it doesn't resolve an IP at all?

I'm 99% sure this problem resides outside of SharePoint.  EIther DNS or network/routing.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 8

Author Comment

by:thomasdavis
ID: 37744141
Right when i ping the external site address i don't receive an IP, i figured it had to do with both sharepoint and dns. I wanted to make sure everything in sharepoint was set up correctly first.
Now i need to figure out what type record in DNS needs to be created to send sharepoint.domain.org to internal.local.org or sharepoint.domain.org to 0.0.0.0.
0
 
LVL 38

Expert Comment

by:Justin Smith
ID: 37744164
Just make them CNAMES and point them to  your internal server name (not internal sp name).
0
 
LVL 8

Author Comment

by:thomasdavis
ID: 37744199
The only problem is when I create a CNAME in local dns the alias name is sharepoint.domain.org.local.org.  So do i create a sub domain in DNS called domain.org then create a cname pointing to local.org
0
 
LVL 38

Assisted Solution

by:Justin Smith
Justin Smith earned 500 total points
ID: 37744224
Do you have two forward zones in DNS?  One for domain.local, and one for domain.org?

If so, you add a CNAME to the domain.org zone called sharepoint and point it to servername.domain.local.  You do the same thing for mysite.
0
 
LVL 8

Author Comment

by:thomasdavis
ID: 37744246
I only have one for local.org .  So do I need create a sub zone with domain.org
0
 
LVL 38

Accepted Solution

by:
Justin Smith earned 500 total points
ID: 37744256
You need another forward lookup zone, for domain.org.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is one common problem that all we SharePoint developers share: custom solution deployment. This topic can't be covered fully in this short article, so all I want to do in this one is to review it from a development-to-operations perspectiv…
We had a requirement to extract data from a SharePoint 2010 Customer List into a CSV file and then place the CSV file into a directory on the network so that the file could be consumed by an AS400 system. I will share in Part 1 how to Extract the Da…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now