Solved

internal website - how to configure DNS to stay internal?

Posted on 2013-11-19
10
350 Views
Last Modified: 2014-01-10
Hi

We have 1 internal DNS/Active Directory set up as hss.com

However, I want to set up the domain name internal.company-name.com to be handled internally and not go external

I have configured the website and IIS to work with the domain name internal.company-name.com

However, I don't know how to configure the internal DNS to point to this internal IP

All the YouTube videos I watch refer to the same domain name,
i.e. the DNS is set up on mydomain.com
and then internal websites are subdomains on intranet.mydomain.com

However, I have 2 different domains, HSS.com and company-name.com

Help!
Question by:websss
10 Comments
 
LVL 35

Expert Comment

by:Kimputer
ID: 39658702
If your windows domain name is HSS.com, and you wanted an internal website at test.hss.com, I think those youtube videos are clear.
If you want a totally different domain in your DNS, add this domain first:

Forward > New Zone (all default, click OK, until you can fill in the name: company-name.com)
After that, inside the new folder company-name.com, add an A record for test (if you want the website to be test.company-name.com)
0
 

Author Comment

by:websss
ID: 39658803
Thanks

We did that

And then ran
CMD
Tracert test.company-name.com

However, it still goes external
We also ran FLUSH DNS

Are we missing anything?
0
 
LVL 13

Expert Comment

by:SagiEDoc
ID: 39659046
You need to add a new zone into your DNS server, so internal.company-name.com in this example. So in DNS you will have both a hss.com zone and an internal.company-name.com zone.
In this new zone you will be able to create anything.internal.company-name.com and point the anything to the internal IP address. You will need to manually add any entry created in the internal.company-name.com zone into the reverse lookup zone.
0

 
LVL 35

Expert Comment

by:Kimputer
ID: 39659048
If possible, please post some screenshots of your DNS management console?
Does this even happen on the DNS server itself or only on a client?
Do an nslookup command on the DNS server, and on a client, and post the results.
0
 
LVL 13

Accepted Solution

by:
SagiEDoc earned 500 total points
ID: 39659054
This explains how to add a new zone, let me know if you still want screenshots:

How to Create a Forward Lookup Zone

To create a new forward lookup zone:
1. Start the DNS snap-in. To do this, click Start, point to Administrative Tools, and then click DNS.
2. Click the DNS Server object for your server in the left pane of the console, and then expand the server object to expand the tree.
3. Right-click Forward Lookup Zones, and then click New Zone. The New Zone Wizard starts. Click Next to continue.
4. Click Primary zone to create a master copy of the new zone. Click Next.
5. In the Name box, type the name of the zone (for example, type _tcp.example.com), and then click Next.

   NOTE: This name is typically the same as the DNS suffix of the host computers for which you want to create the zone.
6. On the Zone File page, accept the default file name for the new zone file, and then click Next.
7. Click Next.
8. Click Finish.
The new zone is listed under Forward Lookup Zones in the DNS tree.
0
 
LVL 6

Expert Comment

by:Alan Gunn
ID: 39659135
I believe what you are after is a "Split-brain" DNS setup.

If there are resources on the internet that are in zone "companyname.com" and you also have internal resources in the "companyname.com" zone, the DNS servers have to have a method of agreeing which records are public and which are private.

 http://windowsitpro.com/networking/split-brain-dns

Alternatively, if you are having problems where you try to access the internal web site and it sends the traffic to the internet proxy, you need to configure your web browsers with a rule that does not send all traffic to the proxy.
Either the rules can be set in IE or a Proxy Automatic Configuration (PAC) script can be used.

TRM
:-)
0
 

Author Comment

by:websss
ID: 39659180
Hi

We got it working, but the main website, www.company-name.com, stopped working

However, the website did work if you went to company-name.com

What did we do wrong?
0
 
LVL 13

Expert Comment

by:SagiEDoc
ID: 39659185
You just need to add a record for www and put the IP address of the web server.
0
 
LVL 16

Expert Comment

by:Bruno PACI
ID: 39659869
Hi,

Solutions given by other experts here are quite good, but they require you to recreate a full copy of the DNS zone... Let me explain:

Let's suppose you want your internal clients to access www.company-name.com through its internal IP address but still want other names in the company-name.com DNS zone to be externally resolved: you can't apply these solutions, or you'll have to recreate all DNS records of the external "company-name.com" zone in your internal copy of this zone! That can be long and hard to maintain.

If your goal is to intercept only one name of an external DNS zone and make this particular name internally resolved to the IP of your choice, the easiest way is to create a DNS zone that has the name of the FQDN you want to intercept. Here is an example:

To intercept the DNS name www.company-name.com, on your internal DNS servers you create a forward DNS zone that is named "www.company-name.com" (the DNS zone name must match the whole FQDN you want to intercept).
Then in this DNS zone you create a new A record. In the properties window for the new record you leave the "name" field blank and only fill in the IP address field.
Save the record and take a look at your DNS zone content. You should see an A record named "same as parent" with the IP you typed.

Then if you try to PING www.company-name.com from an internal client, your internal DNS server will match the request with the DNS zone it now knows, "www.company-name.com", and as there is a "same as parent" record in it, it will resolve the name www.company-name.com to the IP of your choice.


Have a good day
0
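Added example (not part of any post in this thread, and not Windows DNS code): a simplified Python model of how a DNS server that hosts a zone answers from that zone instead of forwarding. It shows why names missing from a locally created company-name.com zone stop resolving until a record such as www is added, and why a zone named after the single FQDN leaves the other names alone. The IP addresses, the `mail` name and the helper functions are constructed for illustration.

```python
# Simplified model of how a DNS server that hosts local zones answers a query.
# All names and addresses below are constructed sample data.

FORWARDED = "forwarded to external resolver"
NXDOMAIN = "NXDOMAIN (authoritative, not forwarded)"


def find_zone(zones, fqdn):
    """Return the most specific hosted zone that contains fqdn, or None."""
    labels = fqdn.lower().rstrip(".").split(".")
    # Try the full name first, then strip labels from the left.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None


def resolve(zones, fqdn):
    """Answer from the hosted zone if one matches; otherwise forward."""
    fqdn = fqdn.lower().rstrip(".")
    zone = find_zone(zones, fqdn)
    if zone is None:
        return FORWARDED
    # Host part relative to the zone; "@" is the zone apex ("same as parent").
    host = fqdn[: -len(zone)].rstrip(".") or "@"
    return zones[zone].get(host, NXDOMAIN)


# Whole-zone approach: the server is now authoritative for every name in
# company-name.com, so names without a local record are NOT forwarded.
whole_zone = {"hss.com": {}, "company-name.com": {"test": "10.0.0.20"}}

# Same zone after adding the missing www record (203.0.113.10 stands in
# for the public web server's address).
whole_zone_fixed = {
    "hss.com": {},
    "company-name.com": {"test": "10.0.0.20", "www": "203.0.113.10"},
}

# Pinpoint approach: the zone name is the FQDN itself, with one apex record.
pinpoint = {"hss.com": {}, "www.company-name.com": {"@": "10.0.0.10"}}

if __name__ == "__main__":
    for label, zones in [("whole zone", whole_zone),
                         ("whole zone + www", whole_zone_fixed),
                         ("pinpoint zone", pinpoint)]:
        for name in ("www.company-name.com", "mail.company-name.com"):
            print(f"{label:17} {name:24} -> {resolve(zones, name)}")
```

On a real network, the equivalent check is an nslookup for each name against the internal DNS server, comparing the answer with what an external resolver returns.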
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39661286
0


Question has a verified solution.
