Unable to access/ping our external company website

itmtsn
itmtsn used Ask the Experts™
on
Our company website is working fine and is accessible externally however all internal clients cannot access the site through our Smoothwall filter.

Our website is on the same domain as our internal domain and we have a www record in DNS pointing to the external web server’s IP address.

None of our clients can navigate to or ping the website. I logged into the Smoothwall and under the IP Tools section ran a ping to the company website and got 100% packet loss yet pings to all other and obvious blocked sites get through fine so it’s not filtering.

Also if I run the ping tests from the 4 internal Ethernet port interfaces we have setup in Smoothwall I get a 100% failure yet if I use the external Ethernet port it gets a working ping.

It seems to be a DNS issue and the Smoothwall doesn’t seem to know how to either get to our website or deal with the response back from our internal DNS server, or possibly isn’t getting a response back.

The strange issue that has really stumped me is both my IP address and one other in our internal range can access the site fine internally. My IP and the second one that works are both added as Exceptions in the Smoothwall but so are my colleagues and they are all getting site unavailable.

This has been working fine. Any ideas/pointers?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Hello,

Is it shows external IP when you ping the URL  
IP will not resolved or you get unknown host error if it is DNS issue.

Can you use google DNS(8.8.8.8) or any other public DNS ip as your DNS and check the web.

It seems you are facing firewall policy issue insted of DNS issue. you may blocking either your destination IP in your source NAT gateway or blockin source IP in destination side firewall.

By the way Where do you keep your web server ? Is it at your Network or in service proider's network?
Distinguished Expert 2018

Commented:
In the long run, you need to change the name of your AD domain.

Our website is on the same domain as our internal domain and we have a www record in DNS pointing to the external web server’s IP address.
What is the primary for the website: domain.com or www.domain.com? If the prior, you're always going to have issues. If the latter, then things should be doable. Make sure that the web developers don't have www.domain.com redirect to domain.com.

Also if I run the ping tests from the 4 internal Ethernet port interfaces we have setup in Smoothwall I get a 100% failure yet if I use the external Ethernet port it gets a working ping.
What happens if you ping the correct IP address from inside the network? You never mentioned whether you tried by domain name or IP.

Author

Commented:
It turns out that our BT IP address has been blacklisted by the company the hosting site uses for traffic analysis. Thanks for your help!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial