Matt

DNS - primary and secondary lookup

Hi all,

I have a 2012 domain. A machine (Win 8) added to the domain needs to access a remote app that won't seem to launch when set with internal DNS. As a workaround I thought I could use an external from an ISP as the primary DNS and our local DC as the secondary DNS address.

If I do this, should I then still be able to resolve internal records?
Zacharia Kurian

Have you configured Forwarders in your DC's DNS entries? If not, add them, but you should know the DNS of your ISP. You may have to configure your firewall to allow DNS to your DCs. Find the snapshots for configuring Forwarders.

Once this is done, any query to external should get resolved through the forwarders.
 
It is not a good idea to add the ISP's DNS in a domain joined PC.

Zac.
Are you accessing your machine from outside (internet/WAN)?
OR
from LAN?
Sorry, did not add the snapshots,

Zac.
Matt

ASKER

I have got forwarders in place. Sorry if I'm being stupid here, but if we didn't, would we not be able to ping Google etc. internally?
I have got forwarders in place

OK. How is the internet distributed in your LAN? Using a firewall/UTM/proxy or something else?

Zac
Matt

ASKER

Firewall at the moment, soon to be UTM.
Can this PC access the internet? And if so, can you check the logs in the firewall when you try to access the specific apps from the domain-joined PC?

Zac.
Matt

ASKER

Yes, the PC can access the internet no problem. When I add the URL to the remoteapp it finds it and connects OK as I'm prompted for credentials. It then gives me the shortcuts to the application. When I launch the application it then cannot connect to the remote desktop. However, if I change the DNS to external it works fine.
However if I change the DNS to external it works fine.

Are they the same external DNS mentioned in your forwarders and also in your firewall?

What is the default gateway of your DC and the PC? Is it the IP of the firewall or the router/switch?

Can you create a new rule in your FW to allow full access to the internet for this particular PC, and then test (without adding the external DNS)?
Matt

ASKER

I don't have control over the firewall, but I have been working with them to resolve this issue.

Firewall probably uses different DNS

Gateway on this site goes to a router as it's part of an MPLS network, and all internet for the site goes out from another site.
Already checked, we have full access to the web.
ASKER CERTIFIED SOLUTION
Zacharia Kurian

This solution is only available to members.
Matt

ASKER

The interesting thing is that I have a test machine where, if I configure the primary DNS to be the local DC, I cannot launch the remote app; it fails trying to launch the RDP session. However, if I change the primary DNS to be 8.8.8.8 and the secondary as my local DC, it works.

The other thing I don't understand is that when I make the external DNS the primary DNS server I can still ping local hosts, even if I run an ipconfig /flushdns command.
The AD DNS are set to be the primary DNS entries for any domain-joined PCs/servers. Otherwise, it loses the authentication, GPO settings, time sync etc., eventually causing trouble.

For test purposes, add the Google DNS to your DNS Forwarders and test, but do not delete any existing ones. If this solves the issue, then use it as a temporary solution until your network guys solve the main cause of the issue.

Zac.
Matt

ASKER

Yep already done that. Still no working solution.
Is the gateway IP used in your DC and the test PC the same?

Do you know the LAN (inside) IP of your firewall? If so, add this IP as the secondary gateway in your PC and test. Also, please run "route print" (without quotes) on your DC and post the results.



Zac.