[Diego8]

At work i have a web server that hosts our company's web site. Anyone can access the site from the outside but if i try to do the same from the inside i get a time out.
The only way i have managed to access it from the inside is with the server's internal ip address.
Googling i found that one solution could be editing the hosts file in /system32/drivers/etc/hosts, this would solve the issue in the desktop computers but not with the laptops.
We also have a Windows 2003 Server that acts as a file and dns server.
Is there a way i can setup the dns server so that it translates our site address to the inside web server's ip address?

Any help is greatly appreciated.
Thanks.

[Advertisements]

I think that'll be a routing issue.
Lets see what a tracert comes up with.
Try this:
Please try to ping the device.

• Go to Start -> Run.
• In the Box, type in "cmd".
• A black box will appear. Type in: "tracert <outside address>" (Please use the domain name)
• A lot of information will appear, Please right click the black window and hit mark.
• Select every line of text you recieved and hit "enter" to copy.
• Then paste it into your next reply.

Then repeat these steps but with the inside IP.
Please seperate the 2 information posts clearly.

Regards,
Olrik

[Artellos]

I think that'll be a routing issue.
Lets see what a tracert comes up with.
Try this:
Please try to ping the device.

• Go to Start -> Run.
• In the Box, type in "cmd".
• A black box will appear. Type in: "tracert <outside address>" (Please use the domain name)
• A lot of information will appear, Please right click the black window and hit mark.
• Select every line of text you recieved and hit "enter" to copy.
• Then paste it into your next reply.

Then repeat these steps but with the inside IP.
Please seperate the 2 information posts clearly.

Regards,
Olrik

[Diego8]

Here i post the tracert results.
I forgot to mention that between the outside and the inside we have a Cisco PIX 501 Firewall, this is where we configure all the NAT and access rules.


Tracert outside address.

C:\Documents and Settings\Administrator>tracert <domain name here>

Tracing route to <domain name here> [<outside ip address here>]

over a maximum of 30 hops:

1 * * * Request timed out.
2 * * * Request timed out.
3 * * * Request timed out.
4 ^C (Cancelled by user)

----------------------------

Tracert using inside ip address.

C:\Documents and Settings\Administrator>tracert 192.168.1.101

Tracing route to 192.168.1.101 over a maximum of 30 hops

1 <1 ms <1 ms <1 ms 192.168.1.101

Trace complete.
-------------------------

Edited by Diego8, 20 May 2008 - 02:04 PM.

[Artellos]

I'm sorry, I guess I wasn't being completely clear
<domain name here> should've said the domain name you're accessing the site on. (External address)

Regards,
Olrik

[Diego8]

I made the trace to the domain (by public ip address and by domain name), just didn't post the real domain and ip address because of privacy politics of our company.

Edited by Diego8, 20 May 2008 - 03:16 PM.

[Artellos]

Ofcourse.. Sorry I'm being sleepy.
I shall go to bed and awnser your posts with a clear mind tomorrow.

I'm sorry for the delay.
Regards,
Olrik

[fawoodward]

On your internal DNS server, under Forward Lookup Zones, find your domain and right click it and select "New Host..." then add your web server and it's internal IP.

[Diego8]

I tryed adding the web server to the Forward Lookup Zones (using the internal IP address), but i still can't access it using the url available from outside. (As host FQDN i wrote the same address i use to connect from outside the LAN).
Am i doing something wrong here?

[fawoodward]

OK, I may have misunderstood your intentions. You're able to type in your company's URL and be directed to the proper web server from any computer outside your LAN, but not from inside your LAN, correct? Go to start menu | Run... type in: cmd and at the DOS prompt type: route print>route.txt and paste the contents of the route.txt file.

[Diego8]

My apologies for not repling sooner.
Yes, fawoodward, that's exactly what's happening.
Here i post the results of the route command.

I also attached the route.txt file because i'm not sure if the route's list will be easily readable.

The IP address of the computer where i ran the command is 192.168.1.100 (file server), the WebServer's IP address is 192.168.1.101


IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface0x10003 ...00 19 e0 73 0d 4f ...... Gibabit Realtek RTL8169 Ethernet Adapter
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.22 192.168.1.100 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.100 192.168.1.100 20
192.168.1.100 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.100 192.168.1.100 20
224.0.0.0 240.0.0.0 192.168.1.100 192.168.1.100 20
255.255.255.255 255.255.255.255 192.168.1.100 192.168.1.100 1
Default gateway: 192.168.1.22
===========================================================================
Persistent Routes:
None

Attached Files

•  route.txt   1.16KB   424 downloads

Edited by Diego8, 03 June 2008 - 06:23 PM.

[fawoodward]

Go to start menu | Run... type in: cmd and at the DOS prompt type: tracert {external web server IP}>tracert.txt and paste the contents of that.

Also, I'm assuming your router's IP is 192.168.1.22?

[Diego8]

Yes, that's right the router's (a cisco pix firewall) is 192.168.1.22
This are the results of the tracert command

Tracing route to rXXX-XX-XXX-XXX.ae-static.{here goes ISP Name}.net.uy [XXX.XX.XXX.XXX]
over a maximum of 30 hops:

1 * * * Request timed out.
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.

^C (Cancelled by user)

I aslo tryed running tracert for other sites (like google or geekstogo) and also got Request timed out.

[Luis Carlos]

In my case i had to add an A record to point to the www which is the IP address of your website.
lets say your company is www.mycompany.com and your ip for that domain is 178.35.34.98

the A record is the 178.35.34.98 and should be entered in the DNS>SERVERNAME>FORWARD LOOKUP ZONES>MYCOMPANY.COM
right click on mycompany.com and add an A record name it www and add the IP address 178.35.34.98 which in this case is the ip address of your company.

Hope it helps
good luck

Luis Carlos