Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 681
  • Last Modified:

Resolve external DNS for email server when in the same lan as the server

Sorry EE a little brain dead today, hope this one is simple:

Have an email server in lan.  Have a windows network with a dns server in lan.  Probably incomplete dns set up on server.  Outside of lan, public dns for email server works fine, inside the lan, no dice.  The email server is in the lan but not joined to the domain (an exchange clone.)

How to finish the dns set up so that when in the lan, public dns record resolves as it does when outside the lan?
0
VirtualKansas
Asked:
VirtualKansas
1 Solution
 
Seth SimmonsSr. Systems AdministratorCommented:
please define "exchange clone"
what email server is this?  how is it working not part of the domain?
0
 
KimputerCommented:
I'm assuming your DNS server isn't working properly right now. Is it resolving internal addresses properly? If so, the only thing you need is to add a forwarding DNS server (for ease, just use 8.8.8.8, which is Google's public DNS server).
0
 
Sarang TinguriaSr EngineerCommented:
Do you have DNS Server joined to Domain..?
Is it windows DNS server or something else..?
Do you mean that your email does not work in internal LAN?
What is your email domain name and Local domain name (AD domain name)..??

Please answer above questions so I can come up with more as you original query is bit incomplete :-)
0
Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

 
VirtualKansasAuthor Commented:
OK EE, back online.
DNS Servers (3 DC's with one PDC) are all joined and managing Domain
Windows with AD integration, yes
EMail DNS does not resolve on LAN, but does on public side of firewall
The email server is not joined to the domain, but does have a DNS entry mail.[domain].world, where external DNS is mail.[domain].com

Kimputer response is likely my issues, not having a forward set to public DNS.  Likely missed that step in initial DNS set up in the rush to get the LAN side of domain live.
0
 
footechCommented:
If machines in your LAN can browse to the internet, then adding a forwarder is likely not to help (though it is often preferred over using root hints).  Often what is needed is to create a record on your internal DNS with the same name as the external record, but point it at the internal IP of the email server.  The reason for this is that many firewalls do not allow traffic that is initiated on the internal (LAN) side to come back in on the public side.

The best way to handle this is as follows:
Create a forward lookup zone for the FQDN that you want to resolve (e.g. "mail.example.com").  Inside that zone create an A record that is blank and point it at the internal/private IP of the mail server.  Once created it will show as "same as parent" for the hostname.  This method allows you to create a record for "mail.example.com" while allowing all other records in the "example.com" domain to be resolved by your public records.
0
 
VirtualKansasAuthor Commented:
I believe this is the best answer, have other "issues" with my lack of experience setting up DNS/DHCP to wrench on.  Thank you for helping solve this piece of the puzzle.
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now