newtomac
Hi All,
I posted this in the WindowsNT.dns newsgroup and thought it would be
better posted here. Thanks!
Hi Everyone,
We recently moved to Active Directory (Win2000) DNS. The problem we are
having is we connect to three different companies over a private line,
so an internal web site will have an internal IP. We were running
Symantec Firewall with DNS and were able to enter in a host name and
domain name with the private IP address and everything worked well.
(There were not any zones to deal with.)
With AD DNS we need to create zones for each of these domains and
create the same internal records. The problem with this is that the AD
DNS server thinks it's the root of the other company's domain, so if a
host is not specified it will not forward the request. For example:
domain1.com (external domain)
insidehost.domain1.com A 10.10.10.1
The only host we can access is insidehost.domain1.com, all other
requests fail because they are not listed in the DNS server.
What we have done to work around this is obtain public host records
including MX records and added them to our DNS server locally. We also
added the NS records and SOA records. This enables us to send email,
but still any host not defined will fail, even with the NS and SOA
records Windows fails the query.
Is there any way around this other than what I have done? I do not have
access to the other company's internal DNS server - that is restricted
by a firewall and unfortunately is not an option to open that up. My
guess is we have to work with what we have done, but I was wondering if
there was a way around this or is there another product that will
perform name look ups and if it cannot find it locally will simply pass
it on to another name server.
Hopefully this makes sense to someone.
Thanks very much for taking the time to read this
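
Added example, not part of the original post: a toy Python model of the behaviour described above, where a server hosting a zone for domain1.com answers authoritatively for every name under it and never passes a miss to its forwarder. The upstream addresses and the single-name zone layout are constructed assumptions for illustration.

```python
# Toy model of how a DNS server chooses between answering from a locally
# hosted zone and passing the query upstream. Everything except
# insidehost.domain1.com / 10.10.10.1 is constructed sample data.

NXDOMAIN = "NXDOMAIN"

# Constructed stand-in for what an upstream (public) name server knows.
UPSTREAM = {
    "www.domain1.com": "192.0.2.10",
    "mail.domain1.com": "192.0.2.25",
    "www.example.net": "192.0.2.80",
}


def find_zone(name, zones):
    """Return the most specific local zone whose apex is a suffix of name."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        apex = ".".join(labels[i:])
        if apex in zones:
            return apex
    return None


def resolve(name, zones, upstream=UPSTREAM):
    """Answer authoritatively if a local zone covers name, else forward."""
    name = name.lower().rstrip(".")
    apex = find_zone(name, zones)
    if apex is None:
        # No local zone covers the name: hand the query to the forwarder.
        return ("forwarded", upstream.get(name, NXDOMAIN))
    # A local zone covers the name, so the server is authoritative for it.
    # A missing record is a final "no such name"; nothing is forwarded.
    return ("authoritative", zones[apex].get(name, NXDOMAIN))


# Setup from the post: a zone for the whole domain with one internal record.
WHOLE_DOMAIN = {"domain1.com": {"insidehost.domain1.com": "10.10.10.1"}}

# Same record, but the zone apex is the single host name, so the zone covers
# only that name and anything beneath it (hypothetical alternative layout).
SINGLE_NAME = {"insidehost.domain1.com": {"insidehost.domain1.com": "10.10.10.1"}}

if __name__ == "__main__":
    for label, zones in (("whole-domain zone", WHOLE_DOMAIN), ("single-name zone", SINGLE_NAME)):
        for q in ("insidehost.domain1.com", "www.domain1.com", "www.example.net"):
            print(f"{label:18} {q:24} {resolve(q, zones)}")
```
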