cstephen100
asked on
Internal Website not working with client pcs using FQDN (server 2008)
Hi All,
I have a iis website running on a server 2008.
It is working fine internally if access it via an ip address: i.e http://192.**.100:99
I can access remotely via my fqdn: http://remote.mydomain.com:99
i added a sub forward lookup zone on my DNs server (server 2008),
and from this server i can access the FQDN address ok i.e: http://remote.mydomain.com:99
However,
the client pcs on the network cannot access the FQDN address and need to use the internal ip.
i dont particularly want to add host file entries on client pcs.
Would like the domain to resolve internally and externally.
Hope someone can help.
Thanks
stephen
I have a iis website running on a server 2008.
It is working fine internally if access it via an ip address: i.e http://192.**.100:99
I can access remotely via my fqdn: http://remote.mydomain.com:99
i added a sub forward lookup zone on my DNs server (server 2008),
and from this server i can access the FQDN address ok i.e: http://remote.mydomain.com:99
However,
the client pcs on the network cannot access the FQDN address and need to use the internal ip.
i dont particularly want to add host file entries on client pcs.
Would like the domain to resolve internally and externally.
Hope someone can help.
Thanks
stephen
Are the client computers using the internal DNS server(s) as their DNS servers with no other DNS server entries?
Have you performed an ipconfig /flushdns && ipconfig /registerdns on a client computer and tested whether you were able to ping the server by it's FQDN remote.mydomain.com?
-saige-
Have you performed an ipconfig /flushdns && ipconfig /registerdns on a client computer and tested whether you were able to ping the server by it's FQDN remote.mydomain.com?
-saige-
And you only need to create an alias (CNAME) in DNS to allow the FQDN to resolve correctly.
Delete the "sub forward lookup zone" and add a CNAME that points to the server's hostname.
Also, how many websites are running on the server?
Under the site's binding info, add a host name to the FQDN you want to use.
Dan
Delete the "sub forward lookup zone" and add a CNAME that points to the server's hostname.
Also, how many websites are running on the server?
Under the site's binding info, add a host name to the FQDN you want to use.
Dan
ASKER
thanks for your reply,
the pc's are connecting to the server 2008 dns server,
On the dns server, under Forward lookup Zones, i have:
mydomain.local and
mydomain.com (i added this).
I added an A record initially on mydomain.com
however, based on below i removed the A record and added as CNAme, but it doesn't resolve now unfortunately.
The websites (1) are located on another IIS server at present.
I have fqdn in the iis server at present and it resolves externally,
not sure if this is helping,
thanks
stephen
the pc's are connecting to the server 2008 dns server,
On the dns server, under Forward lookup Zones, i have:
mydomain.local and
mydomain.com (i added this).
I added an A record initially on mydomain.com
however, based on below i removed the A record and added as CNAme, but it doesn't resolve now unfortunately.
The websites (1) are located on another IIS server at present.
I have fqdn in the iis server at present and it resolves externally,
not sure if this is helping,
thanks
stephen
ASKER
note: if i ping fqdn i get public ip,
Frm dns server, if A record in place i get the dns server ip
Frm dns server, if A record in place i get the dns server ip
Unless the site is using absolute pathing (as opposed to relative pathing), you should not need to use a split dns.
You should be able to just specify the host portion of the header (in this case 'remote' is the host portion) in your normal dns zone and ensure the the bindings for the IIS site utilize both definitions for the header; e.g. - remote and remote.mydomain.com.
The local clients can then access the site using http://remote instead of http://remote.mydomain.com.
-saige-
You should be able to just specify the host portion of the header (in this case 'remote' is the host portion) in your normal dns zone and ensure the the bindings for the IIS site utilize both definitions for the header; e.g. - remote and remote.mydomain.com.
The local clients can then access the site using http://remote instead of http://remote.mydomain.com.
-saige-
Does your site use a host header name? If not, can you get to it using http://servername:99?
Let's take a few steps back...
The issue is that your internal users are resolving the external (Internet) IP address of the URL when they should be getting an internal (192.168.x.x) IP address.
Here's what I believe to be the issue:
1. your mydomain.com is hosted by a 3rd party DNS/Hosting provider
2. your internal DNS servers do not have a local entry for the domain, so they are resolving via DNS forwarding (talking to the root dns servers or a configured forwarding DNS destination) and receiving the external IP of the remote.mydomain.com URL
3. you are using a NAT to map the external IP to the internal IP on the IIS Server
4. your users are hitting the external interface of your router which is not a web server
Questions:
1. What URL do you want your internal users to use from inside your network?
2. What URL do you want your Internet users to use from outside your network?
3. Do you host your Internet domain in house or use a 3rd party provider?
4. What internal hostname does the IP address of the web server resolve to?
4a. if you do an nslookup 192.*.*.100 , what hostname is resolved?
The answers to these 3 questions will help in fixing the issue.
Dan
The issue is that your internal users are resolving the external (Internet) IP address of the URL when they should be getting an internal (192.168.x.x) IP address.
Here's what I believe to be the issue:
1. your mydomain.com is hosted by a 3rd party DNS/Hosting provider
2. your internal DNS servers do not have a local entry for the domain, so they are resolving via DNS forwarding (talking to the root dns servers or a configured forwarding DNS destination) and receiving the external IP of the remote.mydomain.com URL
3. you are using a NAT to map the external IP to the internal IP on the IIS Server
4. your users are hitting the external interface of your router which is not a web server
Questions:
1. What URL do you want your internal users to use from inside your network?
2. What URL do you want your Internet users to use from outside your network?
3. Do you host your Internet domain in house or use a 3rd party provider?
4. What internal hostname does the IP address of the web server resolve to?
4a. if you do an nslookup 192.*.*.100 , what hostname is resolved?
The answers to these 3 questions will help in fixing the issue.
Dan
Also, run Ipconfig /all from the DNS server (which you said resolved it correctly) and from a client (shich did not) are the DNS server addresses the same?
ASKER
Thank you for the reply,
yes in principle you are correct:
ill repsond to questions below:
Questions:
1. What URL do you want your internal users to use from inside your network?
** - was hoping to use the same url (fqdn) - remote.mydomain.com, this would resolve then to internal sever.
2. What URL do you want your Internet users to use from outside your network?
** presently: remote.mydomain.com works fine.
3. Do you host your Internet domain in house or use a 3rd party provider?
** yes registered the domain with register.com
4. What internal hostname does the IP address of the web server resolve to?
** not sure what mean exactly, but have a hostname on the IIS server for the webpage.
dns server: 192.168.114.12,
iiis server: 192.168.114.100
4a. if you do an nslookup 192.*.*.100 , what hostname is resolved?
** server: dns.eircom.net (not sure if this is what you mean)
hope this helps,
thanks very much Stephen
yes in principle you are correct:
ill repsond to questions below:
Questions:
1. What URL do you want your internal users to use from inside your network?
** - was hoping to use the same url (fqdn) - remote.mydomain.com, this would resolve then to internal sever.
2. What URL do you want your Internet users to use from outside your network?
** presently: remote.mydomain.com works fine.
3. Do you host your Internet domain in house or use a 3rd party provider?
** yes registered the domain with register.com
4. What internal hostname does the IP address of the web server resolve to?
** not sure what mean exactly, but have a hostname on the IIS server for the webpage.
dns server: 192.168.114.12,
iiis server: 192.168.114.100
4a. if you do an nslookup 192.*.*.100 , what hostname is resolved?
** server: dns.eircom.net (not sure if this is what you mean)
hope this helps,
thanks very much Stephen
ASKER
just to note:
if i do: nslookup remote.mydomain.com , from another client the server: public pi
if reoved the a recod from forward lookup zone (mydomain.com)
and there is no entries in mydomain.local.
so unsure what to add itnto dns.
thanks
stephen
if i do: nslookup remote.mydomain.com , from another client the server: public pi
if reoved the a recod from forward lookup zone (mydomain.com)
and there is no entries in mydomain.local.
so unsure what to add itnto dns.
thanks
stephen
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thank you again
i have followed this,
i have added the new zone in dns and the A record. Entered the ip address for iis server,
i can from dns sever get the website when i use http://remote.mydomain.com
however, from client pcs it still seems to not resolve and trys to go to public ip.
hopefully i'm close
and thank you again
i have followed this,
i have added the new zone in dns and the A record. Entered the ip address for iis server,
i can from dns sever get the website when i use http://remote.mydomain.com
however, from client pcs it still seems to not resolve and trys to go to public ip.
hopefully i'm close
and thank you again
Sounds like the client is using the external DNS as their DNS client,
Can you run IPConfig /all on a client and attach a screenshot ?(you are using internal IPs so no risk there. just blank the PC and domain name)
Can you run IPConfig /all on a client and attach a screenshot ?(you are using internal IPs so no risk there. just blank the PC and domain name)
ASKER
just attached ipconfig/all from the client pc,
If i ping the remote.mydomain.com it actually pings the iis server,
If i ping the remote.mydomain.com it actually pings the iis server,
So can you open the site via the web address now from inside the network? If not, I would use the following command to test the site
telnet remote.mydomain.com 99
See if you get a connection. (you will need to enable the Telnet client on the workstation.
(also did not see the attachment)
telnet remote.mydomain.com 99
See if you get a connection. (you will need to enable the Telnet client on the workstation.
(also did not see the attachment)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thank you all, got it going
Dan