duhaas
Enthusiast

View Connection Broker URL (External and Internal DNS the Same)

I'm trying to determine if it's possible to have an internal connection broker that resolves internally to view.company.com (10.1.1.10) and, say, a security server that sits in the DMZ that resolves to view.company.com (199.10.10.10). Is it possible to retain that view.company.com for both? At the moment we just resolve the internal to desktops.company.com, but I'm trying to determine how it might be feasible to use the same across both.

0 Kudos

Accepted Solutions
mittim12
Immortal

You can have the URL resolve to the same name. We have our internal DNS pointing to the name company.view.com and then from outside company.view.com resolves to our security server.

0 Kudos
duhaas
Enthusiast

Great, thanks for the information. My concern was View resolving the internal address and getting confused when I put the information into the security server properties:

http://monosnap.com/image/hTYStbtoVeOXWEbEHCqwH7n9R.png

0 Kudos
BL460c
Contributor

Did you create a new DNS zone for that, or how did you do it?

I.e. if your

internal domain is mycompany.lan

external domain is mycompany.com

you can then set your external DNS provider to have view.mycompany.com point to the external Security Server in the DMZ.

Then on your internal DNS, did you create a primary zone for mycompany.com and add view.mycompany.com and point it to the internal connection broker?

What happens if you have an external website website.mycompany.com and you are trying to look that up internally? Do you need to have all the relevant records in the internal zone you created?

Or does the DNS server automatically look up the external DNS if it doesn't have the records in the zone?

If that makes sense.

---------------

I was just testing it here, but it seems to break my external website hosted by a 3rd party.

I created a new primary zone on my internal DNS, mycompany.com.

I added an A record of view.mycompany.com to point to my internal View connection servers; works fine.

I added an A record of view.mycompany.com on my external DNS to point to the public IP; works fine to the security servers.

But now when I try to look up website.mycompany.com from inside, as I have no record it can't get to the website and it doesn't resolve.

How do you work around that without having to duplicate all external records internally?

0 Kudos
jjohnston1127
Hot Shot

It is very easy to do with split DNS.


Set up your external DNS with your public IP to view.company.com.

Create a DNS zone of view.company.com on your internal DNS servers. Not company.com, but view.company.com. Set the parent record to be the IP address of the internal server. By setting up a zone of the FQDN it will not break the rest of the functionality for the root domain company.com and you will still resolve any other hosts on company.com by the external DNS.

You're done.

0 Kudos
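
The behaviour described in the two replies above can be modelled in a few lines. This is an added illustration, not code from any poster or vendor: it assumes a DNS server that answers authoritatively from the closest zone it hosts and forwards everything else, and the external address for website.company.com is constructed sample data.

```python
# Model: an internal DNS server answers from the closest zone it hosts and
# never consults external DNS for names inside that zone; all other names
# are forwarded. Addresses other than 10.1.1.10 / 199.10.10.10 are constructed.
EXTERNAL = {
    "view.company.com": "199.10.10.10",     # security server (from the question)
    "website.company.com": "203.0.113.80",  # constructed third-party web host
}

def closest_zone(name, zones):
    """Return the hosted zone with the longest suffix match for name, or None."""
    labels = name.split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def resolve(name, zones, external=EXTERNAL):
    """zones maps zone name -> {fqdn: address}. Returns (source, answer)."""
    name = name.lower().rstrip(".")
    zone = closest_zone(name, zones)
    if zone is None:
        # Server is not authoritative for this name: forward to external DNS.
        return ("forwarded", external.get(name, "NXDOMAIN"))
    # Server is authoritative: a missing record is NXDOMAIN, with no fallback.
    return ("authoritative", zones[zone].get(name, "NXDOMAIN"))

# Internal zone for the whole domain (the setup that broke the website lookup).
WHOLE_DOMAIN = {"company.com": {"view.company.com": "10.1.1.10"}}
# Internal zone for the single FQDN, with the apex record set to the broker.
PINPOINT = {"view.company.com": {"view.company.com": "10.1.1.10"}}

def compare(names):
    """Resolve each name under both internal configurations."""
    return {n: {"whole_domain": resolve(n, WHOLE_DOMAIN),
                "pinpoint": resolve(n, PINPOINT)} for n in names}

if __name__ == "__main__":
    sample = ["view.company.com", "website.company.com", "portal.view.company.com"]
    for name, result in compare(sample).items():
        print(name, result)
```

The last sample name shows the one side effect of the single-FQDN zone: anything beneath view.company.com is also answered only from the internal zone.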
BL460c
Contributor

Bingo

thank you!

0 Kudos
iamxCPx
Enthusiast

Thanks for the tip!!!

I'm cleaning up my domain.com DNS on the AD now and set up a new zone view.domain.com, mail.domain.com, etc.

0 Kudos