I'm having trouble accessing a couple of websites and I've discovered tat we do not have a reverse We hold our own xxx.xxx.xxx.xxx/024 range and using this we have 2x firewalls in a clustered configuration with a front facing IP of xxx.xxx.xxx.001 I have just found out that there is no Reverse DNS pointer but we do have the Nameserver of our ISP and also Google in the firewall's setting's name server location. We've never had a problem previously and after checking through the DNS Setting on the internal servers(Svr1 - 2012 Std OS, Svr2 - 2012 Std R2 OS) I've been able to find no errors that indicate that DNS isn't working.
If I do an nslookup of xxx.xxx.xxx.001 I get a response back of: ***servername.ABC.local can't find xxx.xxx.xxx.001: Non-Existent domain
This is a similar message that is seen when trying to access these couple of websites: DNS_PROBE_FINISHED_NXDOMAIN which is why I think it may be the reverse pointer that is now required.
Our main website is hosted by another provider but they won't host any reverse pointer settings using our Office location IP address (front facing IP of the firewall) although they do hold all of other other DNS zone records
Has anyone got any ideas as to the best way to resolve or add this pointer into the mix. I really am not sure what to do next.
Where are the web sites that you can't access? Are they behind your firewall? Where are the clients that can't access? Are they behind the same firewall?
Often times you may try to access a resource and DNS returns the public IP, but the client and resource are both behind the same firewall. In that case the client usually needs to access via the private IP of the web server, not the public IP.
This can be resolved by adding record in internal DNS, or changing firewall behavior (usually pretty complicated).