Solved

internal website - how to configure DNS to stay internal?

Posted on 2013-11-19
10
338 Views
Last Modified: 2014-01-10
Hi

We have 1 internal DNS/active directory setup as hss.com

However, I want to setup the domain name internal.company-name.com to be handled internally and not go external

I have configured the website and IIS to work with the domain name internal.company-name.com

However, I don't know how to configure the internal DNS to point to this internal IP

All the youtube videos i watch all refer to the Same domain name
i.e. the DNS is setup on mydomain.com
and then internal websites are subdomains on intranet.mydomain.com

however, i have 2 different domains, HSS.com and company-name.com

Help!
0
Comment
Question by:websss
  • 3
  • 2
  • 2
  • +3
10 Comments
 
LVL 35

Expert Comment

by:Kimputer
ID: 39658702
If your windows domain name is HSS.com, and you wanted an internal website at test.hss.com, I think those youtube videos are clear.
If you want a totally different domain in your DNS, add this domain first:

Forward > New Zone (all default, click OK, until you can fill in the name : company-name.com)
After that, inside the new folder company-name.com add an A record for test (if you want the website to be test.company-name.com)
0
 

Author Comment

by:websss
ID: 39658803
Thanks

We did that

And then ran
CMD
Tracert test.company-name.com

however, it still goes external
We also ran FLUSH DNS

Are we missing anything?
0
 
LVL 13

Expert Comment

by:SagiEDoc
ID: 39659046
You need to add a new zone into your DNS server so, internal.company-name.com in this example. So in DNS you will have both a hss.com zone and a internal.company-name.com zone.
In this new zone you will be able to create anything.internal.company-name.com and point the anything to the internal IP address. You will need to manually add any entry created in the internal.company-name.com zone into the reverse lookup zone.
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 39659048
If possible, please post some screenshots of your dns management console ?
Does this even happen on the dns server itself or only on a client ?
Do an nslookup command on the dns server, and on a client, and post the results.
0
 
LVL 13

Accepted Solution

by:
SagiEDoc earned 500 total points
ID: 39659054
This explains how to add a new zone, let me know if you still want screenshots:

How to Create a Forward Lookup Zone

To create a new forward lookup zone:
Start the DNS snap-in. To do this, click Start, point to Administrative Tools, and then click DNS.
Click the DNS Server object for your server in the left pane of the console, and then expand the server object to expand the tree.
Right-click Forward Lookup Zones, and then click New Zone. The New Zone Wizard starts. Click Next to continue.
Click Primary zone to create a master copy of the new zone. Click Next.
In the Name box, type the name of the zone (for example, type _tcp.example.com, and then click Next.

NOTE: This name is typically the same as the DNS suffix of the host computers for which you want to create the zone.
On the Zone File page, accept the default file name for the new zone file, and then click Next.
Click Next.
Click Finish.
The new zone is listed under Forward Lookup Zones in the DNS tree.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 6

Expert Comment

by:Alan Gunn
ID: 39659135
I believe what you are after is a "Split-brain" DNS setup.

If there are resources on the internet that are  in zone "companyname.com" and you also have internal resources in the "companyname.com" zone the DNS servers have to have a method of agreeing which ercords are pblic and which are private.

 http://windowsitpro.com/networking/split-brain-dns

Alternatively, If you are having problems where you try to access the internal web site an dit sends the traffic to the intenret proxy you need to configure tyour web browsers with a rule that does not send all traffic to the proxy.
Either the rules can be set in IE or a Proxy Automatic Configuration (PAC )script can be used.

TRM
:-)
0
 

Author Comment

by:websss
ID: 39659180
Hi

We got it working but the main website stopped working www.company-name.com

however the website did work if you went to company-name.com

What did we do wrong?
0
 
LVL 13

Expert Comment

by:SagiEDoc
ID: 39659185
You just need to add a record for www and put the IP address of the web server.
0
 
LVL 16

Expert Comment

by:PaciB
ID: 39659869
Hi,

Solutions given by other experts here are quiet good but it requires you to recreate a full copy of the dns zone... Let me explain:

Let suppose you want your internal clients to access www.company-name.com through its internal IP address but still want other names in the company-name.com dns zone to be externally resolved, you can't apply these solutions, or you'll have to recreate all DNS records of the external "company-name.com" zone in your internal copy of this zone ! That can be long and hard to maintain.

If your goal is to intercept only one name of an external DNS zone and make this particular name to be internally resolved to the IP of your choice, the easiest way is to create a DNS zone that has the name of the FQDN you want to intercept. Here is a an example:

To intercept the DNS name www.company-name.com, on your internal DNS servers you create a forward DNS zone that is named "www.company-name.com" (the DNS zone name must match the whole FQDN you want to intercept).
Then in this DNS zone you create a new A record. In the properties window for the new record you leave the "name" field blank and only fill the IP address field.
Save the record and take a look at your DNS zone content. you should see a A record named "same as parent" with the IP you typed.

Then if you try to PING www.company-name.com from an internal client your internal DNS server will match the request with the DNS zone it now know "www.company-name.com" and as there is a "same as paren" record in it it will resolve the name www.company-name.com to the IP of your choice.


Have a good day
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39661286
0

Featured Post

Why do Marketing keep bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

Join & Write a Comment

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now