Solved

How to add a WWW record and enter a CNAME on our DNS server within our network.

Posted on 2016-10-25
14
73 Views
Last Modified: 2016-10-26
Hi

We are using a proxy server on our network and it has be set to X –Forwarded For  and again this proxy have upstream proxies set to central proxy servers( Hosted outside our network) .

Now we have removed the in house proxy server which was within network and have switched to a hosted central proxy outside our network.

To test , I opened the internet explorer removed the proxy settings  and able to successfully browse the internet. But I am not able to access only our organisation website http://www.school.birmgh.sch.uk  ,and  it says This page cannot be displayed.

On our DNS server a local zone has been set up for School.birmgh.sch.uk

I was told I need to add a WWW record and enter the CNAME for our website and this will resolve the problem and will be able to access our organisation website.
Please can you post me some tutorial to create the WWW and enter the CNAME.
I know the CNAME for our website.

Thanks in advance
0
Comment
Question by:lianne143
  • 6
  • 6
  • 2
14 Comments
 
LVL 68

Assisted Solution

by:Qlemo
Qlemo earned 250 total points
ID: 41858915
Just go into your zone, right-click and create a new CNAME record, with "www" as name and your correct, fully-qualified server name.
0
 

Author Comment

by:lianne143
ID: 41858948
Please see the snapshot ,If i right click i get this .
Do i need to put any value in  the Fully qualified domain (FQDN) for the target host.
Thanks
DNS-Snap.png
0
 
LVL 20

Assisted Solution

by:masnrock
masnrock earned 250 total points
ID: 41859016
Try making an A record named "www" instead of a CNAME record. A CNAME record would expect you to name the right location to go to. An A record would let you put in the IP address that you need to resolve to.
0
 
LVL 68

Assisted Solution

by:Qlemo
Qlemo earned 250 total points
ID: 41859103
That is correct. CNAME is setting up a name alias (like www.domain.com is server.localdomain.local). An A record translates a name to an IP address.
0
 

Author Comment

by:lianne143
ID: 41859154
Our organisation  website is hosted outside our network.
When I ping our website from within our network, it says ping request could not find host www.school.birmgh.sch.uk.please check the name and try again.
If I ping yahoo.com or gmail.com , it says destination net unreadable
Looks like ping is blocked by on the firewall

But iam able to ping successfully  www.school.birmgh.sch.uk , yahoo.com and gmail.com  from outside my network.
So wondering  how it will resolve if it doesn't ping
0
 
LVL 20

Accepted Solution

by:
masnrock earned 250 total points
ID: 41859181
What happens if you do tracert from inside of the network? There is a possibility that traffic that needs to be allowed isn't. It's also possible the proxy isn't working right.

If there is a way to have some machines entirely bypass the hosted proxy, I'd ask if the same problem occurs. One of the few ways to see where the issue is starting. If that doesn't work, you could also try changing the DNS servers that are used for outside lookups.
0
 

Author Comment

by:lianne143
ID: 41859213
I did tracert and on the 2nd steps it stops and says destination net unreachable.

But if I tracert the same ip  out side my network, it takes 14 steps to reach successfully
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 20

Assisted Solution

by:masnrock
masnrock earned 250 total points
ID: 41859222
I'm guessing the one result that you got was the internal IP address router? Do a DNS lookup of your organization's site from outside the network, then try to do a tracert to the IP address that it returns,
0
 

Author Comment

by:lianne143
ID: 41859245
You are right the first result was the ip of the Router.

The second is exactly I did a dns lookup of our organisation wesite from outside  and did a tracert on this ip and successfully reaches after 14 steps
0
 
LVL 20

Assisted Solution

by:masnrock
masnrock earned 250 total points
ID: 41859248
Sorry, I meant to say to a tracert of the IP from *inside* the network. Is there a way to have some machines bypass the proxy for testing purposes?
0
 

Author Comment

by:lianne143
ID: 41859272
Not really now , I need to ask the firewall team to allow a PC to by pass the central proxy for testing.

If I put the internal proxy  server address  back on the Internet explorer , iam able to browse our organisation website successfully.
Thanks
0
 
LVL 20

Assisted Solution

by:masnrock
masnrock earned 250 total points
ID: 41859278
That's a scary thought. Here's a strange thought: Does the firewall have any special rules set? There might be a firewall rule that's preventing traffic from leaving the network.
0
 

Author Comment

by:lianne143
ID: 41859361
There must be some firewall rules setup, I will ask the firewall team tomorrow .

In the past, when I was pinging websites I was getting destination net unreachable . When I asked the firewall team about this, I was told ping was completely blocked on the firewall and  they said they can allow ping If I want.
0
 
LVL 20

Assisted Solution

by:masnrock
masnrock earned 250 total points
ID: 41859377
If they will allow ICMP traffic, that helps. That will allow you to see how data flows outward.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now