Routing Internally Based on External Host Name

We have an Edmarc 4550 Router, configured with a static IP address, let's say of
DNS settings for our domain associate the name with   When you're out of our network and you try to go to you are delivered to our router and it sends you to either our mail server ( or our RDP server ( depending on the port that you are using.

When internal to our network on 192.168.16.X, our users can't get to the requested service when trying to get to    We have to use internal host names to make it work.   Traffic is being routed to the public port of our Edgemarc, but the router doen't direct the request to the proper host.  

Our Edgemarc replaced a Juniper 5GT that had no problem routing things properly internally or externally.   What do I need to do to get the Edgemarc to handle this traffic properly?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jaroslav MrazCTOCommented:

sipmly add records to your internal DNS - DNS A  or chname records mail. to your WAN IP

so you can still acess

if you have only local domain in DNS simply add it
Daniel HelgenbergerCommented:
Its not clear to me what you want to archive, this?
External network: ->
Internal Network

Open in new window

If so, I want to add something to JEREMYNO's post.
You need to set up something called 'split DNS' - this means, you add the domain '' to your local DNS and add an A record for all the hosts necessary to reach from the insite, say, to their current IP's.

But, for instance for, you add an A Record pointing to your local machine's private address. You can do so with any number of hosts but will need to replicate any changes to the real outside (authoritative) domain ''.

Since your internal domain system will always query the local database first, you end up reliably to the hosts you want. Users on the outside cannot query your internal DNS, they will be fine, too.
This setup is fairly common and often used with Exchange, since you will soon not be able to get certificates for local domains any more. Also, from the user's point of view, it is much more transparent.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
kdubendorfAuthor Commented:
Maybe I'm missing something in the explanation.   The problem I have is that the domain IP should resolve to different Interneal addresses depending on the service involved.

For email I need it to resolve to my mail server at

For RDP I need it to resolve to my RDP server at

I don't think DNS handles addressing based on Ports.   So I'm thinking somehow I have to make sure that this is handled by the router since it knows how to make the right routing decision.
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

kdubendorfAuthor Commented:
Just to try to provide add further clarity to my question.

I'm directing external requests to the proper host by port forwarding on the router.  It apparently doesn't do a very good job of handling this from my private addresses (internal).
Daniel HelgenbergerCommented:
Maybe I'm missing something in the explanation.   The problem I have is that the domain IP should resolve to different Interneal addresses depending on the service involved.

Plain DNS cannot do that. SRV records are doing exactly that:
But - neither RDP nor SMTP are using them by protocol, only mail submission. Maybe there are RDP clients witch do lookup SRV records.

What you can do, is redirect the different ports on on each port of both hosts to the other server with a NAT port redirect; see here for iptables; I do not know about windows:

May this something you can do?
Jaroslav MrazCTOCommented:

yes DNS dont use port DNS is only IP but your router will routes trafic corectly to the port you have setuped in cfg.

So if you make internaly DNS record that to your WAN IP trfic will berouted by router to corect port.

Is it more understandable?
kdubendorfAuthor Commented:
I've been spoiled by the old Juniper routers that I used.   The feature that I'm looking for is support of SNAT.   Juniper could handle it.  Edgewater has informed me that they don't support it.

It was most important that users' cell phones would pick up their email when in the office so I tried helge000's suggestion and implemented a Split DNS using directions that I found on Matt Gibson's blog:

Once cache's were flushed it worked fine.   Thank you both for your input.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking Protocols

From novice to tech pro — start learning today.