As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!
DNS issue
Hi EE,
Please provide assistance for following issue.
I have a created a new active directory infrastructure domain call ABC.com and it has active directory local DNS and use all active directory member servers and clients. Also I do have a web site host in third party hosting services with same site name ABC.com. However, users now complaining that they cannot access to the website ( ABC.com) from their computers. I do have in house Microsoft environment as well.
Please list of possible solution ? All NAT configuration were made already.
Thank you
Please provide assistance for following issue.
I have a created a new active directory infrastructure domain call ABC.com and it has active directory local DNS and use all active directory member servers and clients. Also I do have a web site host in third party hosting services with same site name ABC.com. However, users now complaining that they cannot access to the website ( ABC.com) from their computers. I do have in house Microsoft environment as well.
Please list of possible solution ? All NAT configuration were made already.
Thank you
Who is Participating?
You have created a "split brain" DNS infrastructure, meaning you now have completely separate internal and external DNS namespaces for ABC.com. You will need to put all of the same records that are in your external DNS zone in your internal one.
It is usually recommended to setup the AD namespace as a delegation of your external namespace (etc, internal.abc.com) to avoid this problem.
It is usually recommended to setup the AD namespace as a delegation of your external namespace (etc, internal.abc.com) to avoid this problem.
Thank you. Could you please provide a walk through what are the configuration need include in split brain DNS session? Do i need to do some changes in hosting site ? Also , include some short of reference to get more understanding . I am a junior Networking background person and not very familiar with AD, DNS.
Thanks,
Thanks,
You won't need a new zone if your Internal Domain matches your external Domain name, ie; both are abc.com, you will just need to create a new 'A' record in your existing DNS zone for abc.com called 'www'.
Go into DNS > View > Advanced.
Now, expand Forward Lookup Zones and select your zone 'abc.com'.
In the main panel on the right-hand side, right-click on a blank area and click on 'New Host (A or AAAA)...'
Name = www
IP Address = the Webserver's Internal IP
Create Associated Pointer Record = Tick if not already done
Timestamp = All 0's
It's important the timestamp is all 0's, this will make it a static entry so it will never be accidentally scavenged (if configured).
It's important
Go into DNS > View > Advanced.
Now, expand Forward Lookup Zones and select your zone 'abc.com'.
In the main panel on the right-hand side, right-click on a blank area and click on 'New Host (A or AAAA)...'
Name = www
IP Address = the Webserver's Internal IP
Create Associated Pointer Record = Tick if not already done
Timestamp = All 0's
It's important the timestamp is all 0's, this will make it a static entry so it will never be accidentally scavenged (if configured).
It's important
Correct - you don't need the new zone. Habit of mine. If your domain zone didn't match your web site domain you would want an additional zone.
Thank you for your comments. Still now working . I don't see PTR record created. Is that cause the issue ? Please assist .
I am getting time out when i ping www.abc.com. However , when i do nslookup it will resolve name and or IP.
Are you doing the ping from the server or workstation? What is the DNS server that is set on the NIC of the machine?
I am ping from one of AD member server. The server NIC set to my local DNS which is our active directory DNS server IP.
Without seeing it, hard to say. If you want to send a screen shot and mask as little as possible. . . Would be nice to see what you set in the DNS server.
Thank you , Please check screen shot. i did enter in public IP address in IP address session and FQDN is abc.com . Also , i created new zone with revers lookup zone and the pointer will be created PTR automatically in revers zone
DNS-Updates.PNG
DNS-Updates.PNG
Thanks for the screen shot though it's not very helpful since everything is masked. Here's an example of what mine would look like if I was in your shoes.
Also, a timeout when pinging is fine, IF the IP is resolving. See attached. Many hosts don't have ping turned on, so a timeout if normal but it must resolve to the correct IP.
Ping.jpg
DNS.jpg
Also, a timeout when pinging is fine, IF the IP is resolving. See attached. Many hosts don't have ping turned on, so a timeout if normal but it must resolve to the correct IP.
Ping.jpg
DNS.jpg
Thank you for your comment . I did exactly same as you configured in the screen shot. Only different i did select PTR ( check marked ) record .
I understand the ping turned off some hosts. For your information ,I could able to resolve using NS LOOKUP.
Do I need uncheck PTR record ?
I understand the ping turned off some hosts. For your information ,I could able to resolve using NS LOOKUP.
Do I need uncheck PTR record ?
No PTR is fine. So IP resolves. I'm assuming you're not able to get to your site still from within your network by a browser?
Flush the dns cache on Servers and a test client - ipconfig /flushdns from a change prompt window. Then try accessing it again.
If the IP is resolving correctly, it sounds like all is fine on the DNS side. If you ping your website from outside your network, does it ping successfully there? You're sure the IP is correct (Verify against the ping on the outside world.)
I could resolve the IP from my domain controller using NSLOOKUP. I am unable to ping outside my network as well. The IP address is correct , i did verified.
Sorry out of ideas. If the ip is resolving the same internally as externally, then something else is at play such as web filtering or something. Could be any number of issues - firewall, web filtering, proxy...
Is the web server in your own network? If so, the traffic from your internal clients is being routed to the outside and then back in to that server, which then sends it back out again. This might not work if there is a router or firewall seeing traffic taking a route like that. If that is your case, and the server has an internal IP that is routeable by the internal clients, try connecting to it using the internal IP.
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
You will never be able to resolve your website by going to abc.com internally; since you used that internally, you're stuck with only accessing it at www.abc.com.