08-29-2003 02:12 AM - edited 03-09-2019 04:36 AM
I have the following scenario: a LAN with an internal DNS server; the LAN is connected through a PIX Firewall to the internet (integrated with WebSense).
Their web server is hosted at the ISP site (EXTERNAL to the PIX). The domain name of the web server is the same domain name as the Active Directory (inside the LAN), e.g. www.test.com.
If a user in the inside zone types www.test.com, he cannot reach the web page, while any user on the internet can access the web page by typing www.test.com.
Can I solve this problem without changing the domain name?
08-29-2003 02:30 AM
Your DNS is inside, so if it does resolution only for inside users, you just have to edit the Alias record with the inside IP address, not the public. If your inside DNS also serves outside users, you have to move it to the DMZ or Outside and use the DNS doctoring feature (Alias command).
Regards
Ben
08-29-2003 02:37 AM
I do not have outside users using my internal DNS.
Can you please elaborate more?
Regards
badih
08-29-2003 03:12 AM
Hi Badih,
The following document will give you a better understanding of 'alias and DNS Doctoring' :-
http://www.cisco.com/warp/public/110/alias.html
Hope this helps.. Jay
08-29-2003 03:32 AM
Hi Jay,
My internal DNS is pointing to the ACTIVE DIRECTORY domain name (which is inside the INTERNAL zone).
The ISP EXTERNAL DNS is pointing toward the WEB server (they both, "EXTERNAL DNS and WEB Server", are on the external zone at the ISP site).
The ACTIVE DIRECTORY domain name is the same as the web page.
So the DNS request by internal users is always replied by the INTERNAL DNS before reaching the PIX.
Regards
08-29-2003 03:43 AM
Hi,
I'm sorry, but what are the problems you are having? I presume that your internal clients have their DNS setting pointing to the inside DNS server? Do you want your internal clients to have their DNS requests answered by the external DNS server? If so, then point your internal clients' DNS setting to the outside DNS server IP address (ISP) DNS.
Let me know your thoughts.. Jay
08-29-2003 03:56 AM
Hello Jay,
If I change the DNS user to the external DNS, I will be able to reach the EXTERNAL WEB server, but the users will not be able to join the domain.
Regards
08-29-2003 05:35 PM
You don't have to redirect inside users to external DNS. You just need to add an "A record" to your inside DNS to resolve www.test.com, even if the address is outside your network.
Regards
Ben
08-30-2003 01:32 AM
Hi -
Have you got an 'A Record' on your inside DNS server to resolve www.test.com? If you haven't, then please add this and see if you still have problems.
Thanks - Jay
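
The thread's situation (an internal zone for the Active Directory domain that lacks the public `www` record) can be checked by comparing the two zones. The following is an added example, not part of the original thread: the zone contents, addresses, simplified zone-line format and function names are all constructed for illustration.

```python
# Constructed sample zones for test.com; addresses are from private and
# documentation ranges and are illustrative only.
INTERNAL_ZONE = """\
; internal Active Directory zone (constructed)
@          IN A   10.1.1.10
dc1        IN A   10.1.1.10
_ldap._tcp IN SRV 0 100 389 dc1.test.com.
"""

PUBLIC_ZONE = """\
; public zone hosted at the ISP (constructed)
@    IN A 192.0.2.80
www  IN A 192.0.2.80
mail IN A 192.0.2.25
"""


def parse_zone(text, origin):
    """Parse simplified 'name IN type rdata' lines into {(fqdn, type): {rdata}}."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        name, _cls, rtype, rdata = line.split(None, 3)
        fqdn = origin if name == "@" else f"{name}.{origin}"
        records.setdefault((fqdn.lower(), rtype.upper()), set()).add(rdata)
    return records


def split_horizon_gaps(internal_text, public_text, origin):
    """Return public A records whose name has no A record in the internal zone.

    The internal server is authoritative for the zone, so it answers these
    names itself with "no such name" instead of asking the ISP's DNS.
    """
    internal = parse_zone(internal_text, origin)
    public = parse_zone(public_text, origin)
    gaps = []
    for (fqdn, rtype), rdata in sorted(public.items()):
        if rtype == "A" and (fqdn, "A") not in internal:
            gaps.extend((fqdn, addr) for addr in sorted(rdata))
    return gaps


if __name__ == "__main__":
    for fqdn, addr in split_horizon_gaps(INTERNAL_ZONE, PUBLIC_ZONE, "test.com"):
        print(f"missing from internal DNS: {fqdn} A {addr}")
```

Each name it reports is a candidate for an A record on the inside DNS server, as suggested in the replies above.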