Avatar of websss
Flag for Kenya asked on

internal website - how to configure DNS to stay internal?


We have 1 internal DNS/active directory setup as hss.com

However, I want to setup the domain name internal.company-name.com to be handled internally and not go external

I have configured the website and IIS to work with the domain name internal.company-name.com

However, I don't know how to configure the internal DNS to point to this internal IP

All the youtube videos i watch all refer to the Same domain name
i.e. the DNS is setup on mydomain.com
and then internal websites are subdomains on intranet.mydomain.com

however, i have 2 different domains, HSS.com and company-name.com

DNSActive DirectoryWindows Server 2008

Avatar of undefined
Last Comment
Sandesh Dubey

8/22/2022 - Mon

If your windows domain name is HSS.com, and you wanted an internal website at test.hss.com, I think those youtube videos are clear.
If you want a totally different domain in your DNS, add this domain first:

Forward > New Zone (all default, click OK, until you can fill in the name : company-name.com)
After that, inside the new folder company-name.com add an A record for test (if you want the website to be test.company-name.com)


We did that

And then ran
Tracert test.company-name.com

however, it still goes external
We also ran FLUSH DNS

Are we missing anything?
Brett Danney

You need to add a new zone into your DNS server so, internal.company-name.com in this example. So in DNS you will have both a hss.com zone and a internal.company-name.com zone.
In this new zone you will be able to create anything.internal.company-name.com and point the anything to the internal IP address. You will need to manually add any entry created in the internal.company-name.com zone into the reverse lookup zone.
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes

If possible, please post some screenshots of your dns management console ?
Does this even happen on the dns server itself or only on a client ?
Do an nslookup command on the dns server, and on a client, and post the results.
Brett Danney

View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Alan Gunn

I believe what you are after is a "Split-brain" DNS setup.

If there are resources on the internet that are  in zone "companyname.com" and you also have internal resources in the "companyname.com" zone the DNS servers have to have a method of agreeing which ercords are pblic and which are private.


Alternatively, If you are having problems where you try to access the internal web site an dit sends the traffic to the intenret proxy you need to configure tyour web browsers with a rule that does not send all traffic to the proxy.
Either the rules can be set in IE or a Proxy Automatic Configuration (PAC )script can be used.



We got it working but the main website stopped working www.company-name.com

however the website did work if you went to company-name.com

What did we do wrong?
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Brett Danney

You just need to add a record for www and put the IP address of the web server.
Bruno PACI


Solutions given by other experts here are quiet good but it requires you to recreate a full copy of the dns zone... Let me explain:

Let suppose you want your internal clients to access www.company-name.com through its internal IP address but still want other names in the company-name.com dns zone to be externally resolved, you can't apply these solutions, or you'll have to recreate all DNS records of the external "company-name.com" zone in your internal copy of this zone ! That can be long and hard to maintain.

If your goal is to intercept only one name of an external DNS zone and make this particular name to be internally resolved to the IP of your choice, the easiest way is to create a DNS zone that has the name of the FQDN you want to intercept. Here is a an example:

To intercept the DNS name www.company-name.com, on your internal DNS servers you create a forward DNS zone that is named "www.company-name.com" (the DNS zone name must match the whole FQDN you want to intercept).
Then in this DNS zone you create a new A record. In the properties window for the new record you leave the "name" field blank and only fill the IP address field.
Save the record and take a look at your DNS zone content. you should see a A record named "same as parent" with the IP you typed.

Then if you try to PING www.company-name.com from an internal client your internal DNS server will match the request with the DNS zone it now know "www.company-name.com" and as there is a "same as paren" record in it it will resolve the name www.company-name.com to the IP of your choice.

Have a good day
Sandesh Dubey

All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck