Can't See External Website Internally
I have a company that had a website hosted externally with a private party. We have moved the website to a new host (still outside my local network) and I updated my Network Solutions DNS to point to the new host. From outside my network I can see the website just fine but none of the computers in my domain can see the website. I checked the local DNS servers and found an “*” and “WWW” record pointing to the old IP, I have changed the IP to reflect the new IP address and if I ping the website it is resolving to the correct IP address but still can’t access the website internally. I also read somewhere since the website is hosted externally I should not have a "*" or a "WWW" record locally but after deleting them I still can't access the site. Any Idea’s of what could be going on?
ASKER
I tried both of those. Weather the record is there or not I can Ping the website and it is resolving to the correct IP but not browse-able through Internet Explorer or Chrome on internal network.
have you reboot your computer yet? the browsers may be caching the old IP
you also have to clear the dns servers cache.
powershell to clear ALL DC's cache (remove the -whatif if it will do what you want)
powershell to clear ALL DC's cache (remove the -whatif if it will do what you want)
$DCS = Get-ADDomainController
foreach ($dc in $dcs) {
Clear-DnsServerCache –ComputerName $dc.hostname -Force -whatif
}ASKER
I have rebooted the pc's as well as cleared the DNS Cache on the server.
ASKER
I have also rebooted the DNS server. When I ping the website it is resolving to the correct IP address so the DNS appears to be working but when I browse the page it comes up and says "webpage is not available" or "Internet Explorer cant display the webpage".
http://www.downforeveryoneorjustme.com/
can you browse to it from your DNS server?
If you can access this from outside your network and cannot from inside your network there is a configuration issue inside your network.
Have you checked the hosts or lmhosts file on your local machine? this is the first place the LM looks for DNS info.
can you browse to it from your DNS server?
If you can access this from outside your network and cannot from inside your network there is a configuration issue inside your network.
Have you checked the hosts or lmhosts file on your local machine? this is the first place the LM looks for DNS info.
ASKER
When I check the website on your tool it says it’s just me, the site is up. No I can not access the site on my local dns server, I get the same error as the pc's. I have checked the hosts files there are no records in there, its the standard examples from Microsoft. Am I correct in thinking that if I can ping the www.mycomany.com on the local pc and it resolves to the correct IP that my website is hosted on that this is not a DNS issue?
Since you mentioned that you had a www record on your internal DNS server, does your internal (AD) domain have the same name as your external (registered) domain?
ASKER
Minus the .com yes. For example my website is www.mycompany.com and my internal domain is mycompany.local
OK, that's good, as those are considered different domain names. Is there a forward lookup zone named mycompany.com on your internal DNS server?
ASKER
Yes under Forward lookup Zones I have a mycompany.com and a mycompany.local
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
There is a www record and a mail record but then I look under mycompany.local the records are there also.
Capture.PNG
Capture.PNG
ASKER
When I go to delete the zone i get this. 
I looked at the Active Directory and it only shows mycompany.local not the mycompany.com so I should be OK to delete correct?
I looked at the Active Directory and it only shows mycompany.local not the mycompany.com so I should be OK to delete correct?
Yeah, you can delete that. It just means that the zone is stored in AD; it's not related to your actual AD domain.
ASKER
So I deleted the Zone and flushed and registered the dnd and i was able to hit the website inside the building. Weird thing is if I go to www.mycompany.com the page doesn't come up but if i go to mycompany.com the page loads? I checked the mycompnay.local and the www record is there with the correct IP?
Ignore that www record in the mycompany.local zone. In fact, you can probably delete that record unless you've also got an internal site named www.mycompany.local.
It sounds like the website is configured to only respond to requests for mycompany.com but not www.mycompany.com. If that's the case, the site host will likely have to be the one to fix it (and it should be a simple fix). Do you know whether both URLs work from outside the office? If they do, that's...strange.
It sounds like the website is configured to only respond to requests for mycompany.com but not www.mycompany.com. If that's the case, the site host will likely have to be the one to fix it (and it should be a simple fix). Do you know whether both URLs work from outside the office? If they do, that's...strange.
ASKER
When I type www.mycompany.com into the outside it translates to mycompany.com and the website page opens.
OK, the site is redirecting the request. That's normal, but it should work the same from inside or outside your office. Just to make sure you don't have a bad DNS record cached somewhere internally, clear the server cache on all of your internal DNS servers, either by using the console or PowerShell as posted by David Johnson above or by running dnscmd /clearcache on each one. Then run ipconfig /flushdns on your client once again and try to reach the site at www.mycompany.com.
ASKER
That Looks like it fixed it, Thanks for all the help.
Let's use Telnet.
can you packet trace at your firewall? check port 80/443 rules pointing to your domain site/IP of the web host.
if you can ping the webhost IP using the domain name, then your DNS is OK.
try >telnet mycompany.com 80 you should get a black screen if the connection is successful
if not check your packet trace to see where the TCP comms are failing.
can you packet trace at your firewall? check port 80/443 rules pointing to your domain site/IP of the web host.
if you can ping the webhost IP using the domain name, then your DNS is OK.
try >telnet mycompany.com 80 you should get a black screen if the connection is successful
if not check your packet trace to see where the TCP comms are failing.
You probably need to flush your local DNS too - ipconfig /flushdns