Solved

Unable to access internal website -- DNS Issue

Posted on 2013-10-27
7
337 Views
Last Modified: 2013-11-02
hi Experts,

One our client is not able to access their own website.
To troubleshoot I did the following
1) gave unlimited internet access to a user in firewall and tested as that user.
2)Ran a tracert and that pointed to right ipaddress
3) ran a ping (for both ip and name)
4) in DNS there is a zone under company name. If I delete that zone it works without a problem. Problem is we need to have zone name with company name. users have exchange server and there are records for mail, owa, auto discover in that zone. There is a record for www and it is pointing to right ipaddress.
5) I restarted DNS server service

Can you please assist me in fixing this issue?
0
Comment
Question by:ukitsme
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 25

Expert Comment

by:-MAS
ID: 39604859
Did you try nslookup with "www.websitename.com" and "websitename.com" from the problematic client

please post the error details
0
 
LVL 8

Expert Comment

by:piyushranusri
ID: 39604954
can you resolve the domain name of the website to an ip address?

Can you get to the website via the Internal IP address of the server

what does an nslookup for the website fqdn return?

check the DNS, that did you allready added entry with same name,,

might be that your internal DNS server is giving back the WAN IP address when asked for www.abcd.com and your modem/router does not support feeding data back to the LAN interfaces when a request is made of its WAN IP from within the LAN. This is very common on home and SOHO modems.


please share the output
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 39605717
It sounds like a firewall issue.  The www record probably points to the external IP address.  

When the internal users hit that address in the firewall, it points back inside (hairpinning).

You need to create the NAT for that private/public IP in the firewall to have 'dns doctoring' configured.  This way when internal users go to reach the public IP of a host that sits inside the firewall with them, the firewall will return the private IP instead of the public IP.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 1

Author Comment

by:ukitsme
ID: 39606749
Sorry looks like there is some confusion is here.
Web site is hosted by a 3rd party. My www record is pointing to external ip.

hi abbasiftt,

yes I tried both of them.

hi piyushranusri,
can you resolve the domain name of the website to an ip address?
yes I can

Can you get to the website via the Internal IP address of the server?
Web server is hosted by a 3rd party. I created a record to www to point to that external ip

what does an nslookup for the website fqdn return?
it points to right ipaddress. Strange part is nslookup from my computer is pointing to right ipaddress. When I log into client server/computer it is pointing to same ipaddress but user is not able to access web site. please note there is no proxy setup.

check the DNS, that did you already added entry with same name,,
I already checked it. There are only 5 records in the Zone.
4 records  for exchange and 1 for www.

hi _jesper_,

I created a rule in firewall LAn -WAN (ipaddress of the client I am logged into to allow all) and it is on top of the list.
I uninstalled Antivirus and disabled windows firewall
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 39606784
you need to install 'dig' (comes standard with *nix bind distributions).  if you are running windows, you will need to download it and:

/path/to/dig www.domain.com +trace

ee recommends that public domain names not be published but there is no violation of security if you do so.  

that will make it easier to troubleshoot.
0
 
LVL 1

Accepted Solution

by:
ukitsme earned 0 total points
ID: 39607670
Managed to fix it.

Under name of the zone I created host A record leaving name space blank and that fixed the issue.
0
 
LVL 1

Author Closing Comment

by:ukitsme
ID: 39618580
Found a fix for the issue.
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question