How to configure my DNS server

Hello, I have a domain where the inside PCs must resolve a name to an internal IP, and the outside PCs have to resolve the same name through the DynDNS service to get the IP.

In summary, I have to configure my DNS to resolve the to the IP

Zeusie, it looks like the intent is to have the same FQDN resolve to different addresses depending upon client location.  From outside the network, it should resolve normally via the DynDNS service.  From inside the network, the name should resolve to the private address (

Do the inside machines ever move outside (laptops)?  You could handle this in a couple of ways, but resolving a host to different addresses can create interesting troubleshooting scenarios.

- Add to the HOSTS file of the inside machines.  This is not dynamic, and is painful to maintain, but may provide an option.
- Create a zone for on your DNS server.  You could then modify the internal resolution of this name by manipulating records within your control.  Need to be careful here to make sure that you don't accidentally convince your internal clients that you're authoritative for the entire domain.
- Maybe a hybrid which uses a CNAME instead of the FQDN?  If you have a split-horizon DNS implementation, this may be the most elegant of less than ideal options.

Kind regards.
Sorry can you please ask the question again. What you are saying does not make any sense in the slightest.
Do you have an internal DNS server?

If so make the internal server authoritative for the zone.  Add your A record to  

Any clients using the internal DNS server (DHCP CLIENTS?) will resolve from the internal server.  If they leave the network (take the laptop home) they will resolve it from the world servers and get the dynamic IP.

We use this sort of setup to blacklist DNS zones.

This is basically a restatement of kevinhigg's second option.
If you only have one host name that needs to resolve to an internal IP when inside your network, but you need all other hosts (FQDNs) that are part of to always resolve to their public IPs; instead of creating a forward lookup zone for "", you can create a zone for "" and create an A record inside it with a blank name that points to  If you create a zone called "", then your internal clients will not be able to resolve any DNS names that end with that you have not explicitly created records for.
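The difference between the two zone layouts discussed above, as an added example that is not part of the original thread: a toy Python model of an internal DNS server that answers authoritatively for zones it hosts and forwards everything else. The domain `example.com`, the host names and both addresses are constructed placeholders, and the model assumes no delegations, wildcards or conditional forwarders.

```python
# Added illustration: toy model of how an internal DNS server picks an answer.
# All names and addresses below are constructed placeholders.

PUBLIC_DNS = {  # what the internet-side DNS would return
    "intranet.example.com": "203.0.113.7",
    "www.example.com": "203.0.113.7",
    "mail.example.com": "203.0.113.7",
}

def find_zone(zones, qname):
    """Return the most specific locally hosted zone that contains qname."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def resolve(zones, qname):
    """Answer from a local zone if one covers qname, otherwise forward."""
    qname = qname.lower().rstrip(".")
    zone = find_zone(zones, qname)
    if zone is None:
        return PUBLIC_DNS.get(qname, "NXDOMAIN")  # forwarded to public DNS
    # Record owner relative to the zone; "" is the blank-name (apex) record.
    owner = "" if qname == zone else qname[: -len(zone) - 1]
    # The server is authoritative here, so a missing record is NXDOMAIN,
    # never a forwarded query.
    return zones[zone].get(owner, "NXDOMAIN")

# Option A: internal zone for the whole domain with only one record created.
WHOLE_DOMAIN = {"example.com": {"intranet": "10.0.0.5"}}
# Option B: zone named after the single host, with one blank-name A record.
PINPOINT = {"intranet.example.com": {"": "10.0.0.5"}}

def compare(qname):
    """Resolve qname against both layouts so the results can be compared."""
    return {"whole": resolve(WHOLE_DOMAIN, qname),
            "pinpoint": resolve(PINPOINT, qname)}

if __name__ == "__main__":
    for name in ("intranet.example.com", "www.example.com", "mail.example.com"):
        print(name, compare(name))
```

With the whole-domain zone, every name without a locally created record stops resolving for internal clients; with the single-host zone, only the one name is overridden and the rest still reach public DNS.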
limmontreefreeAuthor Commented:
I apologize for answering you so late.

After reading your replies, I noticed the question is more complex.

I have a domain with a ForeFront TMG, a SharePoint Server, an Exchange Server and a Remote Desktop Server.

The external IP is dynamic and I use the DynDNS service to solve this. I have declared four CNAME zones in the internet DNS.


www         internal IP
mail          internal IP
Intranet     internal IP
appv         internal IP

i.e. three resolve to the same IP. On the company web site I have three links in the main menu to these CNAMEs, and it is the TMG, reading the header, that redirects to the internal IP, which is different for each server.

Actually all works fine, but if the Internet router is down the Remote Desktop doesn't work, because all the connections are to

But if I configure in my internal DNS, INTERNALLY all the requests to the SharePoint using the web page links will not work.

Thanks for your patience and for the effort of trying to understand my bad English.
Sorry, I'm having trouble understanding.  You haven't made any changes yet, have you?  Let me try to restate your problem in my own words, and you can tell me if I'm wrong.

So, in your public DNS you have records as follows:

The (from the internet) of course points to your dynamic IP.

You want to configure your internal DNS so that if the router for the internet is down you can still reach all your sites using the same DNS names (www, mail, etc.).

You mentioned that you configured in your internal DNS.  What kind of record did you create and where did you point it?

I'm guessing that when you say Remote Desktop, you mean you are using Remote App.  I'm not too familiar with the configuration of Remote App and what URLs it references.

Same with SharePoint - if I remember correctly it can do some rewriting of URLs for when it is being accessed from either the LAN or the WAN.  Can you explain more what you mean when you say "all the request to the sharepoint using the web page links will not work"?  Is this only when the internet router is down?  Do the links point to ""?

However, what I think you will have to do is:
On your internal DNS, create records for www, mail, intranet, appv that point to  If the name for your internal AD domain is the same as you use on the internet, then you can just create the CNAME records in the Forward Lookup Zone for your domain, but if the name for your internal AD domain is different than the domain name you use on the internet, then you will have to create a new Forward Lookup Zone with the same name as your internet domain name, and create the CNAME records in there.  Then you will also have to create a Forward Lookup Zone called, and create one A record in it that has a blank name (don't enter anything) and point it at the internal IP of your TMG.  Then you have to make sure that the weblisteners on your TMG listen to both the external and the internal interfaces if they don't already.
limmontreefreeAuthor Commented:
Hello Footech, thanks for your answer.

I think I understand you. I'll try to do it, and I'll tell you if I have problems.

Thank you