[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 762
  • Last Modified:

unable to access external website from inside corporate network

Running Windows Server 2008 R2 with AD.  Website is externally hosted.  Everything was working fine until our external nameservers were deleted.  We recreated them and reentered all the DNS records.  External devices can access the website with no problem.  Devices inside our network can't find the website.  Pinging from any internal computer resolves to the correct IP, but the website still will not come up.  No other changes to our internal DNS server, firewall have been made.  Any help at all would be appreciated!
0
smoakin
Asked:
smoakin
  • 4
  • 3
1 Solution
 
carlmdCommented:
When you ping from LAN do you get a response? If so, run a tracert and see where it stops.

Can you access the website using the ip (http://x.x.x.x) instead of the URL?
0
 
smoakinAuthor Commented:
I ran a tracert from both inside and outside the LAN to the website URL.  Both were almost identical except the tracert from inside the LAN timed out at the end.  The external tracert had the final hop to the web site IP.

Trying to access the website from inside the LAN using the IP address fails in the same way.  Trying to access the website from outside the LAN brings up a default error page, presumably from the hosting server.
0
 
carlmdCommented:
If this is a public web site can you share the URL?

When you try to access the site are you using a URL like http://www.mysite.com or http://mysite.com.

If you do an nslookup on the URL, I assume it does not resolve, correct?

Try "telnet URL 80"
hit a few characters and carriage returns.
Do you get a response something like...

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 29 Oct 2013 10:09:58 GMT
Connection: close

Try the same using the ip address.
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
smoakinAuthor Commented:
I hope you don't mind but I would rather stay under the radar on the website URL.

I've tried both www.mysite.com and mysite.com.  Both fail inside and both succeed outside the LAN.

nslookup on the URL is successful from both inside and outside the LAN.

telnet to the website URL failed from both inside and outside the LAN

telnet to the website ip address from inside the LAN failed to connect
telnet to the website ip address from outside the LAN was a little different but also eventually failed.
0
 
carlmdCommented:
Given that the site works everywhere but on your LAN I see only a few possibilities...

1. Your firewall is blocking access to this site. Can you plug a laptop directly into your router (outside firewall) and try the site from there?

2. There is something at the site blocking your WAN ip address from accessing it. You say the site is hosted outside, have you asked the hosting company to check your attempted access.

Try accessing the site using a proxy server to see is that works...

Use either:

https://www.kproxy.com/

or

http://hidemyass.com/
0
 
Miguel Angel Perez MuñozCommented:
This external website is on a DMZ in your LAN? maybe you have a routing problem between LAN and DMZ.
0
 
smoakinAuthor Commented:
I will have to try these options when I get to the office tomorrow.

The website is not on a DMZ.
0
 
smoakinAuthor Commented:
As it turned out, it was a problem with the website hosting company.  They made a correction on their end and the problem was resolved.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now