Link to home
Start Free TrialLog in
Avatar of martinlalancette
martinlalancette

asked on

Local users can't access external website with same domain name

Hello,

Recently I've been assigned to an old case where an employee made a (wrong) setup on a server where he used the same name for the internal domain and the external, for example domain.org. The website is on an external web server. External users have access to the website by using either http://domain.org or http://www.domain.org.
Local users will be seeing the default website IIS page on the domain controller.

mail.domain.org and webmail.domain.org are working fine on both ends but not the www.

I've read a few questions and tried some of their solutions on this forum but so far I didn't have any luck or I've been doing something wrong.

OS:
Windows Server 2008 Enterprise

For explanation purposes:
Internal server IP: 10.10.10.10
External website IP: 20.20.20.20

What I've done so far:
Local Server:
- I created a www A record in the local DNS server pointing to the external website 20.20.20.20.
- I installed IIS on the server and used the HTTP Redirection to http://www.domain.org

External Web Server(Web Hosting company; limited access):
- I removed the CNAME (alias) domain.org
- I added a WWW A record pointing to this website's IP address (www.domain.org A 20.20.20.20)  ---- The A record for domain.org was already there.

When I ping www.domain.org from inside the domain, I get the good external IP address 20.20.20.20.
When I do nslookup www.domain.org inside the domain, I get:
Server: Unknown
Address: ::1
Name: www.domain.org
Address: 20.20.20.20

When I do nslookup from outside the domain:
Server:Unknown
Address: 192.168.200.1             <------- (?? No network is using this ??)
Name: www.domain.org
Address: 20.20.20.20


From what I've read maybe the Web Hosting Company may be missing an A record somewhere?  Or maybe they're redirecting the www back to domain.org?

I'm a bit confused and out of ideas at this point.
Avatar of it_saige
it_saige
Flag of United States of America image

This:
Address: ::1

Is an IPv6 Address (I believe it signifies localhost; same as IPv4 localhost is 127.0.0.1).

First I would make sure that DNS is listening only on IPv4 addresses.User generated image
Second, your first configuration should work (although I would not create a redirect from your internal web server), I would however, create an A record for www and point it to the IP address of the external website.

Just asking for clarification, the site in question is hosted externally, not internally?

-saige-
If the above fails add a SRV record with the domain name, and http as the service (Protocol = TCP)
enter the host offering the service as www.domain.com (Whatever your domain is)

This should work using the A record for your site.
If not change the domain name to the IP address and try that.
Avatar of martinlalancette
martinlalancette

ASKER

@saige

I changed the DNS to listen only to IPv4.
The A record for www was already made and pointing to the right address.
Yes, the website is hosted by an external company with a public address which I use to point the records to. (In  my example its 20.20.20.20)

Still not working.

@Maclean
I created a SRV record on the internal DNS server with the following:
Domain: domain.org
Service: _http
Protocol: _tcp
Priority: 0
Size/Weight*: 100
Port: 80
Host: www.domain.org   -----    20.20.20.20      (I tried both with the name and the IP of the website)
*: The server is in french and I wasn't sure of the actual translation of that particular property.

With either changes in hosts, I was still unable to access the website.
Have you tried setting the external IP of the website per chance? To see if that makes any difference?
I'll have to think a bit more some later when I have more time.
No, I can't change the IP address of the website, it is owned and set by the hosting company (66.46.xx.xx).  This IP is shared with a few others of our clients' websites, but I didn't have any problems yet.

There's only that one domain where it's the same domain name as the external one, all the others were set up fine with .local and whatnot.
When you browse to www.domain.org from a machine outside your network, does the name in the browser's address bar change to domain.org when the page opens? If so, it's being redirected by the web server, and you'll need to remove that redirection or get the web host to do so.
@DrDave242
Yes, when I type the website address from a machine outside the network, the address changes to domain.org.  I've been trying to get the hosting company to change it for a week now (because before I posted here I thought it would solve the problem also), but it's been really hard to deal with them and they don't seem to be able to do properly what I ask them to. Hopefully, I'll get someone on customer support who can understand what I want soon.
I'll get back to you on that.
Well then.
After waiting for so long for the website "programmer" to add the "www" to the website, he wasn't successful. He said: "It won't work using the htaccess file because the website is using the WordPress APIs and it's complicated to add the www with that".  I call BS but I'll leave it at that, I'm no website programmer.

So, I'm just wondering if I could do it myself (with a little help from you guys) to add the www.
The website runs on an Apache server. It is Wordpress.
I tried this in the htaccess file at the top of the file:

RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.domain\.com$ [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [R=301,L]

I remember trying other things but it didnt work either.

Anyway if everything fails, i'll have no choice but to rename my AD domain. If anyone has useful links or how-to methods, it would be great since I havent done that before.
I know nothing about WordPress or Apache, but this blog entry discusses using host headers in Apache. This also looks relevant, although it appears to be for an older version of Apache, so I'm not sure if everything there is still valid.
I'm sorry, I senet the wrong info here. The server is Apache but I only have access to the wordpress php files of the website. I can't access the server directly.

At this point, I'm also looking for information on how to change my domain name. I find the the step process of Microsoft's explanation a bit cold and hard to understand. If anyone  knows an easier way to explain how to do this, it'd really be helpful.
ASKER CERTIFIED SOLUTION
Avatar of DrDave242
DrDave242
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I still don't know why you need a control machine. Wouldn't it make more sense to make the changes on the actual server rather than going through another computer? Since anyway you're going to use Remote Desktop? What's the difference?

Looking between the Microsoft documentation and that video there doesn't seem to be much difference (he doesn't do the verifications and backups, though). I'll try it out on a dummy server at my office and see how it goes.

Thanks for your help. This case has been really annoying so far because no one seems to know anything (DNS, registrars, etc.) and no one seems to be able to find answers to what I'm asking ( force www to the WordPress/PHP website ). It's like all information went *poof* when it comes to this company's server and anything related.



lol I hear ya. Damnit!
Sorry for not having checked back for a while, been busy myself, but I see this is still ongoing.
With my original question some time back on setting the external IP of the website, I mean to say that when creating the SRV record

I created a SRV record on the internal DNS server with the following:
Domain: domain.org
Service: _http
Protocol: _tcp
Priority: 0
Size/Weight*: 100
Port: 80
Host: www.domain.org   -----    20.20.20.20      (I tried both with the name and the IP of the website)
*: The server is in french and I wasn't sure of the actual translation of that particular property.

I meant to say that in host, to set the external IP of the website.
Theoretically when a internal DNS lookup is done for www.domain.org, the http should take priority, and redirect the request to the external IP rather than internal
I still don't know why you need a control machine. Wouldn't it make more sense to make the changes on the actual server rather than going through another computer? Since anyway you're going to use Remote Desktop? What's the difference?
That's a good question. I'll admit, I don't know why the MS documentation insists that you use a control machine, and I can't find a clear explanation for it. My guess is that it's a lot more important in a more complex environment in which you've got multiple domains in your forest, especially if you're repositioning them (rearranging the hierarchy) as part of the rename operation. If there's only one domain in the forest, and especially if there's only one DC in that domain, a control machine likely isn't so important and may not be needed at all.

@Maclean: I don't think most web browsers query for SRV records. In fact, I'm not sure any of them do.
The browser does not query a record itself, but the DNS does, and any requests from a system to go to a website or other needs to use DNS in order to locate where to go. Having the SVR prioritize http to be directed to an external address should work. But perhaps there's something I might be missing :)

I'm merely going from my experience on a similar problem. New client their domain had same name as their website.
Their internal systems point to internal DNS servers, and they wanted that next to http://www.website.com that they could type in http://website.com internally, which won't work without redirecting http requests to this name via a SVR record to the website's public IP address. Worked like a charm for the client.
@Maclean
Yes, I've tried both SRV records (www.domain.org - and - 66.46.xx.xx public address)
It didn't make any difference. Should I wait longer when making changes our DNS server? Or since I'm already on it the changes should be instant?
Should I wait longer when making changes our DNS server? Or since I'm already on it the changes should be instant?
As long as you clear the client and server caches after making a change (ipconfig /flushdns on the client; dnscmd /clearcache on the server), you don't have to wait. However, I stand by my assertion that SRV records won't make any difference in this case, as the client won't query for them. (If you like, you can use Wireshark or some other packet sniffer to find out for sure.)
Forgot I still had this open.

I ended up renaming the domain and it worked fine.
I ended up renaming the domain using the Microsoft documentation, in addition of tips and advice from DrDave.