Link to home
Start Free TrialLog in
Avatar of Synergon
SynergonFlag for United States of America

asked on

External Web Site Access

Good morning,

I have a 2003 SBS domain (i.e. 123.com) and a website that is hosted outside of the domain with the same domain name.  From within the network, I am unable to access the website but I can access it from outside the internal network.  I modified the Hosts file on one of the systems to reflect the public address and the website name (i.e. www.123.com) but it gave me an error 500 on the page.  I have tried adding an Alias www entry in DNS but it did not work.  Any help with this issue is much appreciated.
Avatar of Hattrick96
Hattrick96
Flag of United States of America image

In IIS, go into the properties of the website and look at the security settings. There is a spot where you can allow/disallow IP ranges.  The first place I'd check is to make sure internal ranges are allowed.  Also, check the local Windows Firewall to makes sure there are no firewall-related blocks going on.
Avatar of Rob Williams
Presumably in DNS you have a forward lookup zone  123.com, if not you need to create it.  Then you need to create a Host (A) record that woints  www to the IP of your Web site.

The problem is your server handles DNS for your domain and it has no record for www, and because it is autoritive for the domain, it does not forward the DNS request to an outside DNS server such as your ISP's.   Normaly you would use a different internal domain such as 123.local to avoind this problem, but with SBS you cannot change this after the server is built.
Without the host entry, when you do a nslookup www.123.com what is the IP address being returned? If you get the proper IP of the server, then it either is an issue with the firewall blocking IP's or part of the web server's bindings that may have host header redirection.

Check this setting in IIS:
Web site (right click) Properties
Web Site Tab ... Advanced Button
Do you have multiple identifies for the web site?  Is the host header value blank?  If not, you need a record for www.123.com or to remove the value.
Avatar of Synergon

ASKER

From the SBS, I run the nslookup and then the www site and it resolved to the internal IP address of the SBS (it only has one NIC).  If I ping the full www.site.com name from the SBS, it resolves to its public address.

I attempted to create a forward lookup zone as suggested, but I don't think I did it correctly.  I did create the A record for www and put in the public address and I even modified the Hosts file with the public address and then the www.site.com to no avail.

Incidentally, I noticed that when I created the www record on the SBS, the other two DNS servers added a www record but pointed it to the SBS.  The other two are 2000 servers.  It may mean nothing.
The nslookup will always pull the DNS's entry for a host name while the ping will look at the host file.  This is why you got the two different IP's being returned.

When you are within the network, can you access the site via the internal and external IP's?  If you can get the site via IP and not DNS, this confirms the issue as DNS related.
Hattrick96, the website is external and not hosted on the SBS.

RobWill, I understand the concept of naming the internal domain differently from the actual domain.  Unfortunately, I inherited this mess.  I appreciate your help.  Can you shed some light on how to add a forward lookup for the domain?  I have scoured the Internet but have had no positive luck yet.

mmahaek, as I initially stated, the website is not hosted internally.  It is hosted by another company but it is using the same domain name as the internal domain.

I misspoke in my initial post.  I created an "A" record and not an "Alias".  Even so, it still did not work.  Nothing seems to be working.  I will tackle this tomorrow.  Any help is appreciated.  Thanks in advance.
Okay.  I wasn't sure if "hosted outside the domain" meant off site or internally but not domain joined.
If your nslookup for www.123.com on the SBS server returned the IP of the SBS server, then the DNS record is not pointing to the correct location.
I'm assuming all your internal workstations point to the SBS server for DNS resolution.
Correct.  The SBS is the primary DNS server to which all workstations point.
If the internal and external Domain name is the same, i.e the same suffix such as 123.com, there should already be a 123.com zone under Forward Lookup Zones.  Is that the case?  We can proceed from there.

Ideally you want to have something similar to the attached image
DNSCapture1.JPG
RobWil, there is a zone for the domain and I have added the www record pointing to the website public IP address but still no systems or servers can get to the site.  "HTTP 500 - Internal server error" is what is reported on the web page.  I am sure it is something simple that I am missing here.
Is the web site accessible by that IP?  Some use host headers and are not accessible in that way.t test by using  http://123.123.123.123

Also don't forget to flush the DNS cache
ipconfig  /flushdns
I did flush the DNS cache and tried to get to the site using the IP address as you said but I just get the following default page message:  "If you feel you have reached this page in error, please contact the web site owner".  I get the same thing from my external system but the website comes up when I enter the URL.
ASKER CERTIFIED SOLUTION
Avatar of Rob Williams
Rob Williams
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I am splitting up the points because both persons were helpful in the resolution to the problem.  And here it is:

A forwarder was in place from the old website pointing to the new one.  I called the hosting company and had it removed.  After that was done, I was able to access the website from the internal network.  The other problem is that any pictures or links on the site were redirecting to the SBS because the www. was left out of the domain name URL associated with them.  Each time the home page loaded, I had to click cancel on logon prompts that were the result of the pictures trying to open on the SBS.  So, I have contacted the company who maintains the website and let them know they need to add the www. to the domain name.  This should fix the issue.  Thanks for your time and efforts.