zillah Posted March 17, 2010 Share Posted March 17, 2010 HiAt work I have got a windows 2003 server (Active Directory environment with Exchange) and 10 clients with XP OS, Server 2003 acting as internal DNSThey are connected to a snap gear router which is connected to an ADSL modem.We have got a work’s website suppose it is called: www.works.org.nl which is hosted with external provider I cannot access our work’s website www.works.org.nl from any PC at work but I have got no problem to access any other websites.From work when I ping the our work website www.works.org.nl it times out but it gives me this ip address 234.56.79.104 ,,,,,,,,,,not the real ip address please pay attention to last octet From home when I ping our work website www.works.org.nl it does not time out (means there is a reply) but it gives me this ip address 234.56.79.20,,,,,,,, not the real ip address only last octet is different comparing to ip address at work. From home I have got no problem to access our work’s website www.works.org.nlThanks Quote Link to comment Share on other sites More sharing options...
lewmur Posted March 17, 2010 Share Posted March 17, 2010 (edited) HiAt work I have got a windows 2003 server (Active Directory environment with Exchange) and 10 clients with XP OS, Server 2003 acting as internal DNSThey are connected to a snap gear router which is connected to an ADSL modem.We have got a work’s website suppose it is called: www.works.org.nl which is hosted with external provider I cannot access our work’s website www.works.org.nl from any PC at work but I have got no problem to access any other websites.From work when I ping the our work website www.works.org.nl it times out but it gives me this ip address 234.56.79.104 ,,,,,,,,,,not the real ip address please pay attention to last octet From home when I ping our work website www.works.org.nl it does not time out (means there is a reply) but it gives me this ip address 234.56.79.20,,,,,,,, not the real ip address only last octet is different comparing to ip address at work. From home I have got no problem to access our work’s website www.works.org.nlThanksTry putting the IP address you get when you ping from home in the address bar of your work computer. IOW, don't type in www.works.org.nl. Instead type in 234.56.79.20,, and see if that accesses the site. It might just be a question of the dns servers not having caught up with an address change for your site. That can sometime take a couple of days.If that works, then try clearing the cache on the work computer. It may have cached an old IP address and is using that rather than doing another dns lookup. Edited March 17, 2010 by lewmur Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted March 17, 2010 Share Posted March 17, 2010 I would also be concerned that you should be flushing the DNS cache on those computers and your Server 2003 if it is providing DNS for those systems on your work network.Sounds like DNS poisoning possibilities to me at your work network, or through the DNS for your ISP. Quote Link to comment Share on other sites More sharing options...
zillah Posted March 17, 2010 Author Share Posted March 17, 2010 (edited) If that works, then try clearing the cache on the work computer.No, it didn't workSounds like DNS poisoning possibilities to me at your work network, or through the DNS for your ISP. ipconfig /flushdnsnet stop dnscachenet start dnscache Didn't help me out eitherOn the Active Directory I did clear DNS cache by doing this Administrive tools -- > DNS --> Right click clear cache,,,,,but still no joy.or as explained in Figure C in the link belowhttp://articles.techrepublic.com.com/5100-...11-5091116.htmlThanks Edited March 17, 2010 by zillah Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted March 17, 2010 Share Posted March 17, 2010 Did you flush the DNS on your work computer? Or the local server on your network or both?If that didn't fix it, could be the ISP DNS that's poisoned. Might consider using Open DNS for the network if the ISP isn't persnickety about using other DNS. If they are, they need to fix it. A call to Technical Support might be the next stop if all the steps between you and the ISP have been dealt with and still no relief. Quote Link to comment Share on other sites More sharing options...
crp Posted March 17, 2010 Share Posted March 17, 2010 a tracert from a work pc to the web name could be interesting ,especially if you could compare it to one from your home. Quote Link to comment Share on other sites More sharing options...
zillah Posted March 17, 2010 Author Share Posted March 17, 2010 Did you flush the DNS on your work computer? Or the local server on your network or both?Hi LilBambiI vpned to our server at work (windows 2003) and I iussed those dnsflush command on the server and then I did test from the server.I have not tried that on a workstation yet Quote Link to comment Share on other sites More sharing options...
zillah Posted March 17, 2010 Author Share Posted March 17, 2010 a tracert from a work pc to the web name could be interesting ,especially if you could compare it to one from your home.I tried that from home I can reach servername for our host provider while from work it timed out Quote Link to comment Share on other sites More sharing options...
zillah Posted March 18, 2010 Author Share Posted March 18, 2010 (edited) At home and from my laptop I pinged www.works.org.nl result was successful Reply and I got an ip address which was : 234.56.83.20 (not real ip address)I did test at home I typed in a IE and Mozillah this : http://234.58.83.20 the message that I received as below : If you can see this page, then the people who manage this server have installed cPanel and WebHost Manager (WHM) which use the Apache Web server software and the Apache Interface to OpenSSL (mod_ssl) successfully. They now have to add content to this directory and replace this placeholder page, or else point the server at their real content.I recorded home ip address (234.58.83.20) in a piece of paper and I typed it in the address bar of IE and Mozilla at work (server and workstation) ,,,,I received the same message as wellIf you can see this page, then the people who manage this server have installed cPanel and WebHost Manager (WHM) which use the Apache Web server software and the Apache Interface to OpenSSL (mod_ssl) successfully. They now have to add content to this directory and replace this placeholder page, or else point the server at their real content.At work on the server and workstation I pinged www.works.org.nl result was timed out and the ip address that I have got was : 234.56.79.104 (not real ip address)At work I ping 234.56.79.104 (not real ip address) ,,,,,ping timed outAt home I ping 234.56.79.104 (not real ip address),,,,,ping timed out as well.I typed in this ip address in the address bar of server 's IE and Mozilla ,,,,error message : The page can not be displayedI typed in this ip address in the address bar of laptop 's IE and Mozilla ,,,,error message : The page can not be displayed as well Edited March 19, 2010 by zillah Quote Link to comment Share on other sites More sharing options...
zillah Posted March 19, 2010 Author Share Posted March 19, 2010 (edited) i assume there is a firewall on the outside edge of your network.Hi TemmuI have got an access to the snapgear 300 router and I could not see any rule that might block the work's webiste. Edited March 19, 2010 by zillah Quote Link to comment Share on other sites More sharing options...
lewmur Posted March 19, 2010 Share Posted March 19, 2010 (edited) Hi TemmuI have got an access to the snapgear 300 router and I could not see any rule that might block the work's webiste.OK. So, your work computer is definitely giving you the wrong IP address from your DNS server. Try googling OpenDNS and try their free service. It will set your work computer's NIC to use their DNS server instead of your local one. You might also want to check the file c:\windows\system32\drivers\etc\hosts to make sure that isn't redirecting the domain name.Also, when I advised you to clear your cache, I meant the browser's cache and not the machine's DNS cache. Edited March 19, 2010 by lewmur Quote Link to comment Share on other sites More sharing options...
zillah Posted March 19, 2010 Author Share Posted March 19, 2010 Also, when I advised you to clear your cache, I meant the browser's cache and not the machine's DNS cache.Okay I did that as wellYou might also want to check the file c:\windows\system32\drivers\etc\hosts to make sure that isn't redirecting the domain name.I have just checked for the server ( I will check for workstation as well),,,,for the server this is what I have got # Copyright (c) 1993-1999 Microsoft Corp.## This is a sample HOSTS file used by Microsoft TCP/IP for Windows.## This file contains the mappings of IP addresses to host names. Each# entry should be kept on an individual line. The IP address should# be placed in the first column followed by the corresponding host name.# The IP address and the host name should be separated by at least one# space.## Additionally, comments (such as these) may be inserted on individual# lines or following the machine name denoted by a '#' symbol.## For example:## 102.54.94.97 rhino.acme.com # source server# 38.25.63.10 x.acme.com # x client host127.0.0.1 localhost Try googling OpenDNS and try their free service. It will set your work computer's NIC to use their DNS server instead of your local one.I will try that as well Quote Link to comment Share on other sites More sharing options...
lewmur Posted March 19, 2010 Share Posted March 19, 2010 Okay I did that as wellI have just checked for the server ( I will check for workstation as well),,,,for the server this is what I have got # Copyright (c) 1993-1999 Microsoft Corp.# 102.54.94.97 rhino.acme.com # source server# 38.25.63.10 x.acme.com # x client host127.0.0.1 localhost I will try that as well This is OK. Not the problem. Quote Link to comment Share on other sites More sharing options...
zillah Posted March 19, 2010 Author Share Posted March 19, 2010 (edited) Hi lewmur Try googling OpenDNS and try their free service. It will set your work computer's NIC to use their DNS server instead of your local one.On the server and one workstation I did this test I used OpenDNS addresses which are 208.67.222.222 for Primary DNS and 208.67.220.220 for Secondary DNS.Both server and workstation were able to browse www.works.org.nlThis is test proves that my problem is a DNS issue.Now what will be the suggestion to fix it ?Thanks Edited March 19, 2010 by zillah Quote Link to comment Share on other sites More sharing options...
Peachy Posted March 19, 2010 Share Posted March 19, 2010 zillah,what is the first DNS used on the internal network. You can find this out with ipconfig /all. Then check the zone file on that DNS server and see what it has for the IP address for the FQDN for the site. Quote Link to comment Share on other sites More sharing options...
zillah Posted March 19, 2010 Author Share Posted March 19, 2010 what is the first DNS used on the internal network. You can find this out with ipconfig /all. Then check the zone file on that DNS server and see what it has for the IP address for the FQDN for the site.Peachy do you want me to use the DNS addresses before I have changed them to OpenDNS addresses ? Then I can do what you have advised Thanks Quote Link to comment Share on other sites More sharing options...
crp Posted March 19, 2010 Share Posted March 19, 2010 i wonder if the DNS server has seperate configurations for internal and external access. Quote Link to comment Share on other sites More sharing options...
lewmur Posted March 19, 2010 Share Posted March 19, 2010 (edited) Hi lewmurOn the server and one workstation I did this test I used OpenDNS addresses which are 208.67.222.222 for Primary DNS and 208.67.220.220 for Secondary DNS.Both server and workstation were able to browse www.works.org.nlThis is test proves that my problem is a DNS issue.Now what will be the suggestion to fix it ?ThanksIf you allow XP to obtain DNS automatically, it will typically use the DNS service set up in the router. So, if you want all the workstations to work, change the router's DNS setting to the OpenDNS addresses. This is, of course, assuming MS Exchange in the server isn't overriding the router's settings. You might want to make sure the Exchange DNS settings match the router's settings.When you first install your router/modem, it is normally set to use your ISP's DNS servers. This normally isn't a problem because if the ISP's servers go down, then you probably won't have Internet access anyway. But I've seen the time when AT&T's DNS servers went down and I could still access the net, when others couldn't, because I use OpenDNS as the secondary server. To me, it is always advisable to have a different secondary DNS service provider. Edited March 19, 2010 by lewmur Quote Link to comment Share on other sites More sharing options...
zillah Posted March 20, 2010 Author Share Posted March 20, 2010 (edited) If you allow XP to obtain DNS automatically, I could not choose this option because a static ip address was assigned to each workstation and as you know when a static ip address is assigned manually the option " obtain DNS server address automatically " is grayed out. change the router's DNS setting to the OpenDNS addresses.I could not find such an option within the Snapgear 300 configuration.You might want to make sure the Exchange DNS settings match the router's settings.Router DNS addresses in the snapshot below :http://i42.tinypic.com/ay4bq.jpgExchange DNS settings Could you please advise where can I check those settings ?What I did ,,,,at home when I pinged www.works.org.nl (again I made this name up as an example), I got an external ip address (202.y.y.y) At work under works.org.nl forward lookup zone I updated the 3 entries ftp, list, www from the old ip address to the new one (i.e. 202.y.y.y) and now I can access www.works.org.nl from work and I can ping www.works.org.nl from work as well. Would I have done the right thing or still I need to consider other thing in the DNS configuration ? If the actual external IP for the website is changed in few months later do I need to update works.org.nl forward lookup zone again ? Edited March 22, 2010 by zillah Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.