I recently installed a firebox firewall on our network and added a internet
webserver. I configured the web server to have an internal ip address of
192.168.x.x and the firewall nats the public ip address 24.237.8.x to it
on port 80. That part works great.

However, internal users cannot use the external ip address, - they can only
use the local address. I would really like my users to be able to use the
same address internally and externally.

I registered a domain name and what I would like to do is to make is so that
if you are using my internal DNS server (running on windows 2000) you will
see 192.168.x.x for the registered domain name. And when you arent' in the
office, you use everyone elses dns which includes the record to point that
domain name to the external address.

I have no idea how to add this record to my dns server in house. I am a
programmer, not a network geek.

PLEASE HELP!!!!!

Thanks in advance!!!

Add a www record for this server on your Internal DNS server.

--
Scott Harding
MCSE, MCSA, A+, Network+
Microsoft MVP - Windows NT Server

"BethF" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I recently installed a firebox firewall on our network and added a
internet
> webserver. I configured the web server to have an internal ip address of
> 192.168.x.x and the firewall nats the public ip address 24.237.8.x to
it
> on port 80. That part works great.
>
> However, internal users cannot use the external ip address, - they can
only
> use the local address. I would really like my users to be able to use the
> same address internally and externally.
>
> I registered a domain name and what I would like to do is to make is so
that
> if you are using my internal DNS server (running on windows 2000) you will
> see 192.168.x.x for the registered domain name. And when you arent' in
the
> office, you use everyone elses dns which includes the record to point that
> domain name to the external address.
>
> I have no idea how to add this record to my dns server in house. I am a
> programmer, not a network geek.
>
> PLEASE HELP!!!!!
>
> Thanks in advance!!!
>
>

This is one of the situations where the idea of using separate names for
your internal and external domain names look very attractive, reasonable,
practical and sensible.

You solution could be as simple as Scott mentioned, IF the website is
actually hosted OUTSIDE. However, from your statement:

> > However, internal users cannot use the external ip address, - they can
only
> > use the local address. I would really like my users to be able to use
the same address internally and externally.

I am thinking that you are hosting the site internaly and you are using the
same DNS server for your internal resolution and to answer external queries.
So, if you do what Scott says (I believe that's what you are doing now), the
request gets sent to your external IP and it hits your Firewall and your
firewall sees that it's internally sourced and discards it. Or something
like that . This is where you'd start reading about split-brain DNS
(http://searchwin2000.techtarget.com/...912486,00.html and
http://www.microsoft.com/serviceprov.../split_dns.asp)

Good hunting.
--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
www.akomolafe.com
www.iyaburo.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
"Scott Harding - MS MVP" <scrockel@**NO_SPAM**hotmail.com> wrote in message
news:#(E-Mail Removed)...
> Add a www record for this server on your Internal DNS server.
>
> --
> Scott Harding
> MCSE, MCSA, A+, Network+
> Microsoft MVP - Windows NT Server
>
> "BethF" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > I recently installed a firebox firewall on our network and added a
> internet
> > webserver. I configured the web server to have an internal ip address
of
> > 192.168.x.x and the firewall nats the public ip address 24.237.8.x
to
> it
> > on port 80. That part works great.
> >
> > However, internal users cannot use the external ip address, - they can
> only
> > use the local address. I would really like my users to be able to use
the
> > same address internally and externally.
> >
> > I registered a domain name and what I would like to do is to make is so
> that
> > if you are using my internal DNS server (running on windows 2000) you
will
> > see 192.168.x.x for the registered domain name. And when you arent' in
> the
> > office, you use everyone elses dns which includes the record to point
that
> > domain name to the external address.
> >
> > I have no idea how to add this record to my dns server in house. I am a
> > programmer, not a network geek.
> >
> > PLEASE HELP!!!!!
> >
> > Thanks in advance!!!
> >
> >
>
>

B> I have no idea how to add this record to my dns server in house.

Now you have.

<URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/dns-split-horizon-common-server-names.html>

"Scott Harding - MS MVP" <scrockel@**NO_SPAM**hotmail.com> wrote in message
news:%(E-Mail Removed)...
> Add a www record for this server on your Internal DNS server.


Thats what I don't know how to do?

In Administrative Tools, DNS?
Then what?

"Deji Akomolafe" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> This is one of the situations where the idea of using separate names for
> your internal and external domain names look very attractive, reasonable,
> practical and sensible.
>
> You solution could be as simple as Scott mentioned, IF the website is
> actually hosted OUTSIDE. However, from your statement:
>
> > > However, internal users cannot use the external ip address, - they
can
> only
> > > use the local address. I would really like my users to be able to use
> the same address internally and externally.
>
> I am thinking that you are hosting the site internaly and you are using
the
> same DNS server for your internal resolution and to answer external
queries.
> So, if you do what Scott says (I believe that's what you are doing now),
the
> request gets sent to your external IP and it hits your Firewall and your
> firewall sees that it's internally sourced and discards it. Or something
> like that . This is where you'd start reading about split-brain DNS
> (http://searchwin2000.techtarget.com/...912486,00.html
and
> http://www.microsoft.com/serviceprov.../split_dns.asp)


Actually, the site is hosted internally, but the nameservers are at network
solutions. We use an internal dns server for our own ability to resolve
names. SO I think Scotts idea will work, but i dont' know how to do that.

In that case, expand the name of the server, expand "forward lookup zones"
and right-click on the name of your zone, and click "New Hosr(A)". Type in
www for the name, and then enter the external IP address.

--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
www.akomolafe.com
www.iyaburo.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
"BethF" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> "Scott Harding - MS MVP" <scrockel@**NO_SPAM**hotmail.com> wrote in
message
> news:%(E-Mail Removed)...
> > Add a www record for this server on your Internal DNS server.
>
>
> Thats what I don't know how to do?
>
> In Administrative Tools, DNS?
> Then what?
>
>

"Deji Akomolafe" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> In that case, expand the name of the server, expand "forward lookup zones"
> and right-click on the name of your zone, and click "New Hosr(A)". Type in
> www for the name, and then enter the external IP address.
>
> --
> Sincerely,
>
> Dèjì Akómöláfé, MCSE MCSA MCP+I


Thank you SOO MUCH!!!

If he adds this Internal IP of this server and creates a Zone for it, that
should do it, won't it? Then the Internal DNS server will never query the
real Internet DNS servers to find this zone because it is the SOA for it and
return the INTERNAL ip of the website. This is really the reasoning for the
Internal and External domain names to be different. As long as no one
OUTSIDE of the office uses this DNS server to get to this server this should
work or is it too close to going home and my brain is fried?!?!?!

--
Scott Harding
MCSE, MCSA, A+, Network+
Microsoft MVP - Windows NT Server

"Deji Akomolafe" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> In that case, expand the name of the server, expand "forward lookup zones"
> and right-click on the name of your zone, and click "New Hosr(A)". Type in
> www for the name, and then enter the external IP address.
>
> --
> Sincerely,
>
> Dèjì Akómöláfé, MCSE MCSA MCP+I
> www.akomolafe.com
> www.iyaburo.com
> Do you now realize that Today is the Tomorrow you were worried about
> Yesterday? -anon
> "BethF" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> >
> > "Scott Harding - MS MVP" <scrockel@**NO_SPAM**hotmail.com> wrote in
> message
> > news:%(E-Mail Removed)...
> > > Add a www record for this server on your Internal DNS server.
> >
> >
> > Thats what I don't know how to do?
> >
> > In Administrative Tools, DNS?
> > Then what?
> >
> >
>
>

> If he adds this Internal IP of this server and creates a Zone for it, that
should do it, won't it?
Unless the internal and external names are the same. That was my line of
reasoning.

--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
www.akomolafe.com
www.iyaburo.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
"Scott Harding - MS MVP" <scrockel@**NO_SPAM**hotmail.com> wrote in message
news:#(E-Mail Removed)...
> If he adds this Internal IP of this server and creates a Zone for it, that
> should do it, won't it? Then the Internal DNS server will never query the
> real Internet DNS servers to find this zone because it is the SOA for it
and
> return the INTERNAL ip of the website. This is really the reasoning for
the
> Internal and External domain names to be different. As long as no one
> OUTSIDE of the office uses this DNS server to get to this server this
should
> work or is it too close to going home and my brain is fried?!?!?!
>
> --
> Scott Harding
> MCSE, MCSA, A+, Network+
> Microsoft MVP - Windows NT Server
>
> "Deji Akomolafe" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > In that case, expand the name of the server, expand "forward lookup
zones"
> > and right-click on the name of your zone, and click "New Hosr(A)". Type
in
> > www for the name, and then enter the external IP address.
> >
> > --
> > Sincerely,
> >
> > Dèjì Akómöláfé, MCSE MCSA MCP+I
> > www.akomolafe.com
> > www.iyaburo.com
> > Do you now realize that Today is the Tomorrow you were worried about
> > Yesterday? -anon
> > "BethF" <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed)...
> > >
> > > "Scott Harding - MS MVP" <scrockel@**NO_SPAM**hotmail.com> wrote in
> > message
> > > news:%(E-Mail Removed)...
> > > > Add a www record for this server on your Internal DNS server.
> > >
> > >
> > > Thats what I don't know how to do?
> > >
> > > In Administrative Tools, DNS?
> > > Then what?
> > >
> > >
> >
> >
>
>