DNS question

Basically, I need to https://xxx.xxx.xxx.xxx:4444 to forward to https://????????????.com:4444

I have bought the domain and SSL certificate then edited the A record's @ host to point to the IP address.

How do I go about setting up the https portion so that https://xxx.xxx.xxx.xxx:4444 forwards to https://????????????.com:4444
DonKwizoteAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Paul MacDonaldDirector, Information SystemsCommented:
That's not the job of DNS.  DNS just translates the host name into an IP address for your computer to use.  Any protocol translation would have to be done on the web server (or perhaps in the router in front of the web server) itself.
0
Wayne88Commented:
"How do I go about setting up the https portion so that https://xxx.xxx.xxx.xxx:4444 forwards to https://????????????.com:4444"

Once you configure the A record the domain name hosting should automatically create a reverse IP for that domain name.  That's all you need from what I can recall.
0
Brian BEE Topic Advisor, Independant Technology ProfessionalCommented:
If you are talking about external web sites on the internet, you don't have to forward. If you own the domain name, you can point it anywhere you want.
0
ON-DEMAND: 10 Easy Ways to Lose a Password

Learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees in this on-demand webinar. We cover the importance of multi-factor authentication and how these solutions can better protect your business!

Brian MurphyIT ArchitectCommented:
That would be a "rewrite" or "redirect" in HTTP speak.

Also, you cannot change the FQDN and expect the SSL Certificate to work.

Doesn't work that way.

An HTML redirect is easy regardless of HTTP or HTTPS(SSL) protocol.

Certain programs like VMWARE vCenter and others use .config files for these operations.

However, if you redirect to the same FQDN but different port your SSL Certificate will still match the FQDN.

If you redirect to a different FQDN same port or different port matters not, you cannot take incoming on any port for mysite.myfqdn.com and matching SSL Certificate to not.mysite.myfqdn.com UNLESS you add SPN or Alternative Subject Name to the request.

Which, I'm not recommending this yet it would work.

The FQDN matters in DNS Land, not the port #.
1
Jan SpringerCommented:
PTR record creation is not automatic, in general.  Perhaps some software will but it shouldn't.

If you have a host pointing to an address and you want that traffic forwarded, then in your web server virtual host configuration, you will rewrite the header.
1
Jan SpringerCommented:
What Brian says is correct about the certificate and the FQDN.  The exception to this rule is a wildcard certificate for a domain (and this presumes that you are forwarding from one hostname to another within the same domain).
1
DonKwizoteAuthor Commented:
Thanks for your comments, everyone. But I'm afraid I'm even more confused.

I might not have explained my goal properly.

https://xxx.xxx.xxx.xxx:4444 is the public IP of my new SSL VPN appliance. But I don't want users to type in this as it's not very user-friendly. Instead I would like https://????????????.com:4444 to "translate" https://xxx.xxx.xxx.xxx:4444.

Firstly, is this possible? If so, please let me know how to accomplish this or point me in the right direction
0
Wayne88Commented:
Sure it is possible but you've already done it by creating an A record to point to your IP address.

Example: https://www.namecheap.com/support/knowledgebase/article.aspx/319/78/how-can-i-setup-an-a-address-record-for-my-domain

Video example for GoDaddy: https://www.youtube.com/watch?v=Mt4muw3uxOc

You also mentioned you "edited the A record's @ host to point to the IP address"  that sounded like you edited the MX record instead of the A record because you emphasize the "@" symbol.
1
Jan SpringerCommented:
Using examples:

Your host is 10.0.11.3

In DNS, create an address record

     website.domain.com           IN           A          10.0.11.3

Get your certificate for website.domain.com.

Configure your webserver to use named virtual hosts.   The IP of this webserver is 10.0.11.3.  The virtual host section is website.domain.com.

When people type: https://website.comain.com:4444, the packets will go to 10.0.11.3.  When the webserver on 10.0.11.3 sees the header contain "website.domain.com", it will use the virtual host configuration for that fqdn.
0
Brian BEE Topic Advisor, Independant Technology ProfessionalCommented:
So to summarize, it sounds like you are ready to go. If you ping your domain name over the internet and get back the correct IP address, then your are all set. Using your browser to the same domain on port 4444 will also work.
0
Jan SpringerCommented:
Re-reading, ignore the certificate and webserver piece, this is just another device.  Once you've created an address (A) record in DNS for that fully qualified domain name, you should be set.
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DonKwizoteAuthor Commented:
Thanks everyone! I eventually got there. Phew!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DNS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.