Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Cannot access web server from inside lan


  • Please log in to reply

#1
Diego8

Diego8

    Member

  • Member
  • PipPipPip
  • 189 posts
At work i have a web server that hosts our company's web site. Anyone can access the site from the outside but if i try to do the same from the inside i get a time out.
The only way i have managed to access it from the inside is with the server's internal ip address.
Googling i found that one solution could be editing the hosts file in /system32/drivers/etc/hosts, this would solve the issue in the desktop computers but not with the laptops.
We also have a Windows 2003 Server that acts as a file and dns server.
Is there a way i can setup the dns server so that it translates our site address to the inside web server's ip address?

Any help is greatly appreciated.
Thanks.
  • 0

Advertisements


#2
Artellos

Artellos

    Tech Secretary

  • Global Moderator
  • 3,888 posts
I think that'll be a routing issue.
Lets see what a tracert comes up with.
Try this:
Please try to ping the device.
  • Go to Start -> Run.
  • In the Box, type in "cmd".
  • A black box will appear. Type in: "tracert <outside address>" (Please use the domain name)
  • A lot of information will appear, Please right click the black window and hit mark.
  • Select every line of text you recieved and hit "enter" to copy.
  • Then paste it into your next reply.

Then repeat these steps but with the inside IP.
Please seperate the 2 information posts clearly.

Regards,
Olrik
  • 0

#3
Diego8

Diego8

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 189 posts
Here i post the tracert results.
I forgot to mention that between the outside and the inside we have a Cisco PIX 501 Firewall, this is where we configure all the NAT and access rules.


Tracert outside address.

C:\Documents and Settings\Administrator>tracert <domain name here>

Tracing route to <domain name here> [<outside ip address here>]

over a maximum of 30 hops:

1 * * * Request timed out.
2 * * * Request timed out.
3 * * * Request timed out.
4 ^C (Cancelled by user)

----------------------------

Tracert using inside ip address.

C:\Documents and Settings\Administrator>tracert 192.168.1.101

Tracing route to 192.168.1.101 over a maximum of 30 hops

1 <1 ms <1 ms <1 ms 192.168.1.101

Trace complete.
-------------------------

Edited by Diego8, 20 May 2008 - 02:04 PM.

  • 0

#4
Artellos

Artellos

    Tech Secretary

  • Global Moderator
  • 3,888 posts
I'm sorry, I guess I wasn't being completely clear :)
<domain name here> should've said the domain name you're accessing the site on. (External address)

Regards,
Olrik
  • 0

#5
Diego8

Diego8

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 189 posts
I made the trace to the domain (by public ip address and by domain name), just didn't post the real domain and ip address because of privacy politics of our company.

Edited by Diego8, 20 May 2008 - 03:16 PM.

  • 0

#6
Artellos

Artellos

    Tech Secretary

  • Global Moderator
  • 3,888 posts
Ofcourse.. Sorry I'm being sleepy.
I shall go to bed and awnser your posts with a clear mind tomorrow.

I'm sorry for the delay.
Regards,
Olrik
  • 0

#7
fawoodward

fawoodward

    Member

  • Member
  • PipPipPip
  • 141 posts
On your internal DNS server, under Forward Lookup Zones, find your domain and right click it and select "New Host..." then add your web server and it's internal IP.
  • 0

#8
Diego8

Diego8

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 189 posts
I tryed adding the web server to the Forward Lookup Zones (using the internal IP address), but i still can't access it using the url available from outside. (As host FQDN i wrote the same address i use to connect from outside the LAN).
Am i doing something wrong here?
  • 0

#9
fawoodward

fawoodward

    Member

  • Member
  • PipPipPip
  • 141 posts
OK, I may have misunderstood your intentions. You're able to type in your company's URL and be directed to the proper web server from any computer outside your LAN, but not from inside your LAN, correct? Go to start menu | Run... type in: cmd and at the DOS prompt type: route print>route.txt and paste the contents of the route.txt file.
  • 0

#10
Diego8

Diego8

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 189 posts
My apologies for not repling sooner.
Yes, fawoodward, that's exactly what's happening.
Here i post the results of the route command.

I also attached the route.txt file because i'm not sure if the route's list will be easily readable.

The IP address of the computer where i ran the command is 192.168.1.100 (file server), the WebServer's IP address is 192.168.1.101


IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface0x10003 ...00 19 e0 73 0d 4f ...... Gibabit Realtek RTL8169 Ethernet Adapter
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.22 192.168.1.100 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.100 192.168.1.100 20
192.168.1.100 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.100 192.168.1.100 20
224.0.0.0 240.0.0.0 192.168.1.100 192.168.1.100 20
255.255.255.255 255.255.255.255 192.168.1.100 192.168.1.100 1
Default gateway: 192.168.1.22
===========================================================================
Persistent Routes:
None

Attached Files


Edited by Diego8, 03 June 2008 - 06:23 PM.

  • 0

#11
fawoodward

fawoodward

    Member

  • Member
  • PipPipPip
  • 141 posts
Go to start menu | Run... type in: cmd and at the DOS prompt type: tracert {external web server IP}>tracert.txt and paste the contents of that.

Also, I'm assuming your router's IP is 192.168.1.22?
  • 0

#12
Diego8

Diego8

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 189 posts
Yes, that's right the router's (a cisco pix firewall) is 192.168.1.22
This are the results of the tracert command

Tracing route to rXXX-XX-XXX-XXX.ae-static.{here goes ISP Name}.net.uy [XXX.XX.XXX.XXX]
over a maximum of 30 hops:

1 * * * Request timed out.
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.

^C (Cancelled by user)

I aslo tryed running tracert for other sites (like google or geekstogo) and also got Request timed out.
  • 0

#13
Luis Carlos

Luis Carlos

    New Member

  • Member
  • Pip
  • 1 posts
In my case i had to add an A record to point to the www which is the IP address of your website.
lets say your company is www.mycompany.com and your ip for that domain is 178.35.34.98

the A record is the 178.35.34.98 and should be entered in the DNS>SERVERNAME>FORWARD LOOKUP ZONES>MYCOMPANY.COM
right click on mycompany.com and add an A record name it www and add the IP address 178.35.34.98 which in this case is the ip address of your company.

Hope it helps
good luck

Luis Carlos
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP