11-10-2014 12:18 PM - edited 03-17-2019 04:38 PM
I'm in the process of setting up both an Expressway C and an Expressway E device to support my new Jabber implementation.
I'm running into one problem, so I thought I'd post it here.
First, I have both VMs configured, a traversal zone configured, as well as the NAT reflection for the Expressway E.
I went to create my SRV records, and I'm haing an issue with the records for the external DNS servers.
My company uses a private domain internally, and a public domain externally. So, if the company is called Foo Inc, my external domain is FOO.COM, where my internal domain, which is all Active Directory, is called FOO.CORP.
This being the case, my internals DNS resembles:
HOST expc.foo.corp [private IP]
HOST expe.foo.com [public IP]
SRV _tcp._cuplogin 0 0 8443 expc.foo.corp
SRV _tcp._cisco-uds 1 5 8443 cm1.foo.corp
SRV _tcp._cisco-uds 0 0 8443 cm2.foo.corp
SRV _tcp._sips 10 10 5061 expe.foo.com
SRV _collab-edge 10 10 8443 expe.foo.com
My external DNS reads
HOST expe.foo.com [public IP]
SRV _tcp._sips 10 10 5061 expe.foo.com
SRV _collab-edge 10 10 8443 expe.foo.com
If I start up a Jabber client when I'm outside of my network, the client attempts to resolve the SRV records which point to the EXP-E, The problem is that Wireshark tells me that the client is looking for expe.foo.corp, and not expe.foo.com, and as such, the queries are unresolved, as the public DNS server doesn't know about *.corp.
How do I force Jabber to look up on foo.com, and not foo.corp? Given that the use of a private domain by Active Directory is a best practice, I can't believe I'm the first person to run into this.