Hi.
Have a customer with an on-prem server.
Local domain: office.domain.com
Webpage: domain.com
Called local domain for office.domain.com so they could still access their external webpage.
But what do I need to add to local DNS server so they can access it on www.domain.com and domain.com?
Assume a new zone, and maybe a www A host record?
Thanx
DNS
Last Comment
Tore Jacobsen
8/22/2022 - Mon
CES
You're on the right path. In local DNS, create a new zone for domain.com and set up your A records for the root and www sub.
Bembi
Hello,
As I understand it, you use the same domain internally and externally, right?
So you use a split DNS configuration....
Your external DNS (provider) is pointing to www.domain.com to access the public web site...
Your internal DNS server hosts an A record (www) and it is pointing to the external IP address of your public web site...
If your internal and external domains are different, there are several options:
- If you have forwarders configured, nothing else is needed.
- You can add the external domain as a new zone with an A record pointing to your external server.
- You can add a delegation record, which forwards all requests for an external domain to the DNS servers of your provider.
A new zone can be used if the internal and external domains are different.
In this case, you can also add a delegation for that domain on your local DNS. A delegation record redirects all requests for an external domain to the DNS server which is responsible for that domain.
Tore Jacobsen
ASKER
Hi and thanx.
Yes, internal and external domain are different. Local: office.domain.com, external: domain.com
So is it best practice to set up an extra zone (primary) with two A records (www and root) or a delegation record (and if so, how)?
Or can I just set up forwarders? I have set up the ISP's DNS servers as forwarders, but it seems like internal users are reaching the internal server (asking for log on) when trying to access the webpage. It works outside of the office.
So I tried adding a new primary zone to local DNS called domain.com and added two A records (www and root), and pointed them both to the external IP I got from pinging the domain.no webpage.
Still don't get in.
The website declined to show this webpage
HTTP 403
Most likely causes:
•This website requires you to log in.
Bembi
You may just use NSLookup on a client to see if you get the correct IP address, so all names with xxx.office.domain.com should resolve to an internal IP address while www.domain.com and root.domain.com should deliver the external IP address...
HTTP 403 means "forbidden", but can also be a result of the server not being reachable....
If NSLookup delivers the correct IP address, the reason for HTTP 403 is not the DNS setting.
You may try to use tracert www.domain.com as well as tracert x.x.x.x (the external IP address of your external server) to see where the request fails. Possibly a firewall or proxy issue....
Delegation may not work in your environment, as the internal domain is a subdomain of your top level domain.
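The checks suggested in the reply above, as an added PowerShell example that is not part of the original thread. The two DNS server addresses and the port are assumed values, and domain.com is the placeholder name used in the thread.

```powershell
# Added example, not from the thread. The server IPs and port below are assumptions.
$InternalDns = '192.168.1.10'   # assumption: the on-prem DNS server the clients use
$PublicDns   = '1.1.1.1'        # assumption: a public resolver that bypasses the local zone
$Port        = 80               # assumption: the site answers on plain HTTP
$Names       = 'domain.com', 'www.domain.com'                   # placeholder names from the thread
$Private     = '^(10\.|192\.168\.|172\.(1[6-9]|2\d|3[01])\.)'   # RFC 1918 ranges

function Get-ARecord {
    param([string]$Name, [string]$Server)
    try {
        Resolve-DnsName -Name $Name -Type A -Server $Server -DnsOnly -ErrorAction Stop |
            Where-Object { $_.Type -eq 'A' } |
            ForEach-Object { $_.IPAddress } | Sort-Object
    } catch {
        # NXDOMAIN, timeout or refusal: emit nothing, the caller sees an empty list
    }
}

foreach ($name in $Names) {
    $internal = @(Get-ARecord -Name $name -Server $InternalDns)
    $public   = @(Get-ARecord -Name $name -Server $PublicDns)

    $dns = if ($internal.Count -eq 0) {
        'no internal answer (local zone exists but the record is missing?)'
    } elseif ($internal -match $Private) {
        'internal answer is a private IP (users land on the local server)'
    } elseif (($internal -join ',') -ne ($public -join ',')) {
        'internal record differs from public DNS (stale copy in the local zone?)'
    } else {
        'internal and public answers match'
    }

    # TCP reachability separates "cannot reach the host" from an HTTP-level refusal
    $tcp = $false
    if ($public.Count -gt 0) {
        $tcp = (Test-NetConnection -ComputerName $public[0] -Port $Port `
                -WarningAction SilentlyContinue).TcpTestSucceeded
    }

    [pscustomobject]@{
        Name = $name; Internal = $internal -join ', '; Public = $public -join ', '
        DnsCheck = $dns; TcpToPublicIp = $tcp
    }
}
```

A manually created local zone for domain.com does not follow changes made at the public DNS host, so the mismatch check is worth repeating whenever the website moves.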
Pushpakumara Mahagamage
Your steps are correct.
1. Create a forward lookup zone for domain.com
Create a host record [A record] for root = public IP [external]
Create a host record [A record] for subdomain www = public IP [external]
Create a host record [A record] for subdomain office = local IP
You can check that setting with c:\Windows\System32\drivers\etc\hosts file.
Don't give any points for this, but I completely agree with DrDave242. This is a great benefit of having your internal/AD domain different than your public domain - that you don't have to create special zones or records on your internal DNS to resolve records which you have on your public DNS.
Pushpakumara Mahagamage
Hello,
By the way, what is your local primary domain which your users' PCs etc. belong to?
1. Is it something like domain.local
or
2. Is it same as your web site domain.com
Tore Jacobsen
ASKER
The webpage hosting company had blocked their IP after they had tried to log on for editing with the wrong password. Would be nice to have had this info earlier.