DNS Internal Website access issue

This issue is driving me crazy. I have an active directory name of corporate.example.com

I can access our website externally by going to www.example.com or just example.com  The website is not hosted in-house.

I can't access it either way internally. I have looked through the DNS service and I don't see what is preventing this. I thought I was following MS best practices by putting the "corporate" before the domain name. When users log into to their PC's in the office, the domain line on their login screen only uses "corporate". I'm sure this must be something simple. I've rebooted, restarted DNS, flushed the DNS cache but no change.

Any ideas?

Thanks!!
crdixonAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Nathan HawkinsTechnical Lead - Network SecurityCommented:
What do you get when you open a CMD prompt and type "nslookup www.example.com" or "nslookup example.com" or "nslookup corporate.example.com"?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
David Johnson, CD, MVPOwnerCommented:
seeing just corporate is normal.  as you are authoritative for corporate.  but not .example.com
what results do you get for a nslookup www.example.com or nslookup example.com/
DrAtomicCommented:
Your problem is with your local DNS having a definition for the domain example.com as well as the subdomain corporate.example.com; add the required dns entries (copy them over) for example.com and www.example.com in your local dns.
Cloud as a Security Delivery Platform for MSSPs

Every Managed Security Service Provider (MSSP) needs a platform to deliver effective and efficient security-as-a-service to their customers. Scale, elasticity and profitability are a few of the many features that a Cloud platform offers. View our on-demand webinar to learn more!

Jan SpringerCommented:
You need DNS doctoring in your firewall.

It will take an incoming request and determine if it's from inside or outside the firewall and hand out the appropriate DNS IP.
HowardPMANetwork AdministratorCommented:
We have added a static entry in our DNS for "www" that points to the external address of our website. If users internally try to access the website without the www, they cannot. Internally they must add www. externally they get to it either way.
Jan SpringerCommented:
cancel what i said about dns doctoring.  do you use your external domain name internally, as well?  do you have an internal dns server?

if so, you'll need to update your internal dns server with the www.domain.com to point to the external IP.
matrix8086Commented:
In your internal DNS, in the zone example.com you need an A record for the external IP of the site, like this:

www  A   external_IP
crdixonAuthor Commented:
This FINALLY starting working although it is still a mystery. I had been playing with making the A record DNS entries on the DNS server. From this DNS server, it was resolving correctly under NSLOOKUP. There was nothing in the HOSTS file and it still wouldn't pull the page.

From the internal client PC's NSLOOKUP was resolving and coming from the AD DNS server as the authoritative. It finally starting working on the client PC's. From the AD DNS server, the ping was working correctly, as was NSLOOKUP but this server still could not pull up the page. I restarted the DNS server flushed DNS, disabled IIS and still nothing. Went to lunch and when I came back -  now its working! I still don't understand why this was being so flakey. Just glad it's working.
crdixonAuthor Commented:
Thanks for the help experts!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.