Set routes to test domain joined computer as if it were off the network

So I changed the DNS of my machine at work to public DNS (I am remoted in to it).
Unfortunately, it is not acting exactly as it normally would if I had it at home.
When I do trace routes it times-out unlike as if it were at home.
Any steps I could take to make this work?

Thank you.
K.B.
LVL 8
K BAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

matrix8086Commented:
traceroute has nothing to do with DNS checking. Traceroute acting at the IP level in the TCP/IP architecture, and DNS resides at the Application level of the TCP/IP architecture.

times outs in trace route can occurs when the route passes routers configured to not respond at ping (ICMP packets)
0
K BAuthor Commented:
I see.. At the same time the computer does not browse websites as it would from the outside.. any idea why?  Is it having to leave and then come back in?
0
matrix8086Commented:
What exactly did you do when you said "I changed DNS"?

Did you change the IP in a zone of a DNS server, or you changed the DNS IP of the network configuration?
0
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

K BAuthor Commented:
I changed the name servers that the workstation uses for DNS resolution

Workstation-Public-DNS-Change.png
0
matrix8086Commented:
Aha, perfect!

Can you ping 8.8.8.8 and/or 4.2.2.2?

If the answer is yes, can you telnet 8.8.8.8 53 and/or telnet 4.2.2.2 53 ?

53 is the port where your machine ask 8.8.8.8 and 4.2.2.2 for DNS request. if you cannot ping it is a connection issue or a firewall rule which forbid connection to Google's public DNS.

If you can ping but you cannot telnet, is definitely a forbidden rule in firewall which restrict port 53.

To see if it is a connection problem if the ping fails, try ping to an IP address from you ISP, preferable the Gateway IP which ISP provided to you
0
K BAuthor Commented:
I can successfully ping and telnet to both
0
K BAuthor Commented:
I can get to any public website except the internal site I am trying to test.
0
matrix8086Commented:
In this case it means that your internet site is just internal and not public on the Internet. To make it public, you have to add in the DNS in the zone of your domain an A record with an IP public address where the site responds
0
K BAuthor Commented:
It is publicly available on the Internet.
The record exists in DNS.
I can access it from my home computer.
0
matrix8086Commented:
can you ping from the server you just changed the DNS the site by name? How about pinging the IP public address of the site?
0
matrix8086Commented:
... you've just changed ...
0
K BAuthor Commented:
I can telnet to FQDN port 443 from home but not from the machine in question
0
RafaelCommented:
Look at your local route table as well as your host file. You may need to add in a route in your route table and or edit your host file so that the machine on the inside can see your internal site. You may also want to check any potential NAT settings that may be in place.

[i]HTH
-Rafael[/i]
0
K BAuthor Commented:
Anything NAT related would be a major undertaking with change requests.  Could you guide me with the static routes on my workstation however?
0
RafaelCommented:
To view the IP routing table
Open A Command Prompt.

At the command prompt, type:

route print

Post your display
0
matrix8086Commented:
As long as telnet FDQN is not working:

- if ping FDQN is working, it is a firewall problem
- if ping FDQN is not working but ping IP is working, it is a DNS issue
 - if ping IP is not working it is a routing issue. In a CMD type netstat -r and see if there is a route to the site's IP class. If there is a route try to ping the gateway
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
K BAuthor Commented:
cannot ping to IP or FQDN from outside
cannot telnet (443) to IP or FQDN from inside (with public DNS manually entered)
CAN telnet (443) to IP or FQDN from inside (with normal DNS given out  by DHCP)
0
matrix8086Commented:
ok!
The IP that you can telnet with the DNS given by DHCP, is public or private?
0
K BAuthor Commented:
Private
0
matrix8086Commented:
OK! The corresponding public address of the site is configured on the machine where the site resides, or is on a router which makes port forwarding to the private IP address?
0
matrix8086Commented:
As I figure so far: in your DNS it is a record of www.wcff.net with a private address, but not a record with www.wcff.net with a public address, or
the DNS where the zone configuration resides is not visible/accesibe from Internet

But: As long as you cannot ping IP_public_address from Internet, maybe you have a misconfiguration of IP_public_address or a misconfiguration of port forwarding

Best regards!
0
K BAuthor Commented:
I think that was a comment for another question Matrix?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Architecture

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.