Lan DNS Issue

G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

Problem
I cannot get to our website from the LAN but can from the WAN. The website
is on a DMZ with a public and private IP but the Lan is using a forwarder to
point to the ISP's DNS servers. So when you try to go to our website the LAN
traffic goes through the Cisco PIX and tries to connect to the external IP to
resolve the website but the PIX does not allow loopback.

Question
How do I setup DNS on the internal dns server so it knows to go to the
internal IP and not the public IP?

What I have tried
I tried to setup a www record on the lan but the problem with that is the
lan domain is example.com but the website is www.website.com. So when you add
the record you can get to the website but you have to type
www.website.com.example.com because it adds the FQDN of the internal LAN to
the website.

Thank you in advance for reading my post and helping me with this challenge.

Product
Win 2000 Server with AD
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

In news:6BBAF100-EFFD-4A17-9A59-6C41E77441AB@microsoft.com,
Madrino <Madrino@discussions.microsoft.com> posted this:
> Problem
> I cannot get to our website from the LAN but can from the WAN. The
> website is on a DMZ with a public and private IP but the Lan is using
> a forwarder to point to the ISP's DNS servers. So when you try to go
> to our website the LAN traffic goes through the Cisco PIX and tries
> to connect to the external IP to resolve the website but the PIX does
> not allow loopback.
>
> Question
> How do I setup DNS on the internal dns server so it knows to go to the
> internal IP and not the public IP?
>
> What I have tried
> I tried to setup a www record on the lan but the problem with that is
> the lan domain is example.com but the website is www.website.com. So
> when you add the record you can get to the website but you have to
> type www.website.com.example.com because it adds the FQDN of the
> internal LAN to the website.
>
> Thank you in advance for reading my post and helping me with this
> challenge.
>
> Product
> Win 2000 Server with AD

Add a new forward lookup zone named www.website.com, then in that zone,
create a new host, leave the name field blank and give it the private IP of
the web server.


--?
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

Kevin,

Thanks for your help. Do I create a Primary, Secondary, or Stub zone in the
Forward lookup zone?

"Kevin D. Goodknecht Sr. [MVP]" wrote:

> In news:6BBAF100-EFFD-4A17-9A59-6C41E77441AB@microsoft.com,
> Madrino <Madrino@discussions.microsoft.com> posted this:
> > Problem
> > I cannot get to our website from the LAN but can from the WAN. The
> > website is on a DMZ with a public and private IP but the Lan is using
> > a forwarder to point to the ISP's DNS servers. So when you try to go
> > to our website the LAN traffic goes through the Cisco PIX and tries
> > to connect to the external IP to resolve the website but the PIX does
> > not allow loopback.
> >
> > Question
> > How do I setup DNS on the internal dns server so it knows to go to the
> > internal IP and not the public IP?
> >
> > What I have tried
> > I tried to setup a www record on the lan but the problem with that is
> > the lan domain is example.com but the website is www.website.com. So
> > when you add the record you can get to the website but you have to
> > type www.website.com.example.com because it adds the FQDN of the
> > internal LAN to the website.
> >
> > Thank you in advance for reading my post and helping me with this
> > challenge.
> >
> > Product
> > Win 2000 Server with AD
>
> Add a new forward lookup zone named www.website.com, then in that zone,
> create a new host, leave the name field blank and give it the private IP of
> the web server.
>
>
> --Â?
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ===================================
>
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

"" wrote:
> Kevin,
>
> Thanks for your help. Do I create a Primary, Secondary, or
> Stub zone in the
> Forward lookup zone?
>
> "Kevin D. Goodknecht Sr. [MVP]" wrote:
>
> > In news:6BBAF100-EFFD-4A17-9A59-6C41E77441AB@microsoft.com,
> > Madrino <Madrino@discussions.microsoft.com> posted this:
> > > Problem
> > > I cannot get to our website from the LAN but can from the
> WAN. The
> > > website is on a DMZ with a public and private IP but the
> Lan is using
> > > a forwarder to point to the ISP's DNS servers. So when you
> try to go
> > > to our website the LAN traffic goes through the Cisco PIX
> and tries
> > > to connect to the external IP to resolve the website but
> the PIX does
> > > not allow loopback.
> > >
> > > Question
> > > How do I setup DNS on the internal dns server so it knows
> to go to the
> > > internal IP and not the public IP?
> > >
> > > What I have tried
> > > I tried to setup a www record on the lan but the problem
> with that is
> > > the lan domain is example.com but the website is www.website.com. So
> > > when you add the record you can get to the website but you
> have to
> > > type www.website.com.example.com because it adds the FQDN of the
> > > internal LAN to the website.
> > >
> > > Thank you in advance for reading my post and helping me
> with this
> > > challenge.
> > >
> > > Product
> > > Win 2000 Server with AD
> >
> > Add a new forward lookup zone named www.website.com, then in that zone,
> > create a new host, leave the name field blank and give it
> the private IP of
> > the web server.
> >
> >
> > --Â?
> > Best regards,
> > Kevin D4 Dad Goodknecht Sr. [MVP]
> > Hope This Helps
> > ===================================
> > When responding to posts, please "Reply to Group"
> > via your newsreader so that others may learn and
> > benefit from your issue, to respond directly to
> > me remove the nospam. from my email address.
> > ===================================
> > http://www.lonestaramerica.com/
> > ===================================
> > Use Outlook Express?... Get OE_Quotefix:
> > It will strip signature out and more
> > http://home.in.tum.de/~jain/software/oe-quotefix/
> > ===================================
> > Keep a back up of your OE settings and folders
> > with OEBackup:
> > http://www.oehelp.com/OEBackup/Default.aspx
> > ===================================
> >
> >
> >

a primary zone for website.com and a record for www (cname or A)

do you also use a proxy? Routing Script?

--
Posted using the http://www.windowsforumz.com interface, at author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.windowsforumz.com/DNS-Lan-Issue-ftopict399330.html
Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=1319687
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

Hi

Kevin hit nail on head , you will need to create a primary zone (then
Ad int or not as you desire)

Kevin, would it not be better (and there maybe a good reason why it
isnt - I am a noob!) to create a zone called website.com and then
within that create a www. record so then if you need to you can create
other A records for mail.website.com and intranet.website.com etc you
can, without having to create another zone?

I understand a "same as parent" host record in www.website.com zone
will work perfectly though


Si


--
pscyimePosted from http://www.pcreview.co.uk/ newsgroup access
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

Hi


ECHO......ECHo......ECho.....Echo....echo.......lol, I think we have
made our point gents,keep up the good work

:)

S


--
pscyimePosted from http://www.pcreview.co.uk/ newsgroup access
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

In news:s6OdnXlDj6560H_fRVn_vQ@giganews.com,
pscyime <pscyime.1smlda@> posted this:
> Hi
>
> Kevin hit nail on head , you will need to create a primary zone (then
> Ad int or not as you desire)
>
> Kevin, would it not be better (and there maybe a good reason why it
> isnt - I am a noob!) to create a zone called website.com and then
> within that create a www. record so then if you need to you can create
> other A records for mail.website.com and intranet.website.com etc you
> can, without having to create another zone?

It depends on how many other host names you will need to resolve to the
private address, if you only need the one and you create the zone for only
the domain name, you have no choice but to create the rest of the records.



--?
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

In news:3_1319687_b636172b69b453944d964180bba70bcd@windowsforumz.com,
Jorge_de_Almeida_Pinto <UseLinkToEmail@WindowsForumz.com> posted this:
> a primary zone for website.com and a record for www (cname or A)
>
> do you also use a proxy? Routing Script?

Why would you create a zone for the domain if you only need the one record?
You could be setting yourself up to create and maintain a lot of records.
A Cname typically won't work because Cnames usually resolve to a name in the
same domain name.


--?
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================