alexwhite19800
asked on
Multiple DNS systems query
My network is set up as below:
Internet > DMZ > Amber Zone > Green Zone
Green zone has an AD forest/domain: greenzone.com
Amber zone has an AD forest/domain: amberzone.com
Both zones use their own AD for DNS resolution.
Any devices in either zone that need 80/443 services are pointed at proxy.greenzone.com on port 8443 in their proxy settings. This is open on the firewall between Amber and Green zones.
Proxy.greenzone.com has a route to both internal web servers and the internet.
In the Green zone, we use https://tech.com as an easy way to point our users for Tech Help. For example:
https://tech.com/Support - IT Support
https://tech.com/Password - Password resets
https://tech.com/FAQ - How to's
...you get the idea.
Now, the issue we have is that if a user is on a device in the Amber zone, if they type https://tech.com/*anything* they get sent to the real (i.e. externally facing) www.tech.com website.
I need to find a way for any user on a device in the Amber Zone to be sent to OUR internal tech.com sites rather than the external one.
Any ideas?