DNS entry to hit webmail from 'inside' ?

  • Thread starter Thread starter Magoo
  • Start date Start date
M

Magoo

Imagine from the 'internet', I do https://webmail.mycompany.com/exchange and
I hit the ISABoxDmz->OWA.

I would like to hit https://webmail2/exchange from the *inside* of my
organization and get redirected to ISABoxDMZ->OWA.

The problem is that my FQDN internal domain name is the SOA for
"it.mycompany.com"

On my InternalDNS server, do I have to create a new zone named
"mycompany.com" in order to be a able to create "Host" record that points to
"webmail2" under that zone ?

Please note that my "external" DNS servers contain namespace
"mycompany.com". I am wondering if it would conflict anything here if I
create a zone on the internal DNS servers also named "mycompany.com".
 
In
Magoo said:
Imagine from the 'internet', I do
https://webmail.mycompany.com/exchange and I hit the
ISABoxDmz->OWA.

I would like to hit https://webmail2/exchange from the
*inside* of my organization and get redirected to
ISABoxDMZ->OWA.

The problem is that my FQDN internal domain name is the
SOA for "it.mycompany.com"

On my InternalDNS server, do I have to create a new zone
named "mycompany.com" in order to be a able to create
"Host" record that points to "webmail2" under that zone ?

Please note that my "external" DNS servers contain
namespace "mycompany.com". I am wondering if it would
conflict anything here if I create a zone on the internal
DNS servers also named "mycompany.com".
Click to expand...

If you want to enter an unqualified single-label name and have it to
resolve, you'll have to create a host in the domain that is in the DNS
Suffix search list.
it.mycompany.com should be in your DNS suffix search list so put the host in
that domain.
Exchange web sites should not have a host header so that shouldn't cause a
problem. You just have to make sure whatever name you use, it must resolve
to the Exchange website address.
 
Sorry. I didn't understand the "DNS Suffix search" list part.
I go to my "internal" DNS, SOA for the name space "it.mycompany.com":

On the "Forward Lookup Zones", if I attemp to enter a host name for
"webmail2", I get the FQDN: "webmail2.it.mycompany.com". That said, I don't
see how I can accomplish the "webmail2/exchange" part ... ?? Please advise.
 
In
Magoo said:
Sorry. I didn't understand the "DNS Suffix search" list
part.
I go to my "internal" DNS, SOA for the name space
"it.mycompany.com":

On the "Forward Lookup Zones", if I attemp to enter a
host name for "webmail2", I get the FQDN:
"webmail2.it.mycompany.com". That said, I don't see how I
can accomplish the "webmail2/exchange" part ... ?? Please
advise.
Click to expand...

Your internal clients should have a Primary DNS suffix of it.mycompany.com
(Win2k and later) Windows takes this suffix and adds it to the DNS suffix
search list. whaeneve a nonFQDN such as a single-label name is used, this
name is appended to the query, so webmail2.it.mycompany.com is actually sent
to DNS.

See your ipconfig /all from the DNS suffix search list.
 
You are correct about the suffix. I got that part.
What I am asking is this:
Are you saying that if I go to my "internal" DNS (the SOA for
it.mycompany.com) and I add a host record:

webmail2 --> IP address of my ISA Server (DMZ)
it appears in the FQDN:
webmail2.it.mycompany.com

Then you are saying that because clients know the suffix it.mycompany.com,
that webmail2 entry should be enough ?
It
 
In
Magoo said:
You are correct about the suffix. I got that part.
What I am asking is this:
Are you saying that if I go to my "internal" DNS (the SOA
for it.mycompany.com) and I add a host record:

webmail2 --> IP address of my ISA Server (DMZ)
it appears in the FQDN:
webmail2.it.mycompany.com

Then you are saying that because clients know the suffix
it.mycompany.com, that webmail2 entry should be enough ?
Click to expand...

Yes, it should be enough, as long as all clients are using only the internal
DNS address and that they have a DNS suffix search list.
 
Back
Top