I can not access our work’s website from work

[zillah]

HiAt work I have got a windows 2003 server (Active Directory environment with Exchange) and 10 clients with XP OS, Server 2003 acting as internal DNSThey are connected to a snap gear router which is connected to an ADSL modem.We have got a work’s website suppose it is called: www.works.org.nl which is hosted with external provider I cannot access our work’s website www.works.org.nl from any PC at work but I have got no problem to access any other websites.From work when I ping the our work website www.works.org.nl it times out but it gives me this ip address 234.56.79.104 ,,,,,,,,,,not the real ip address please pay attention to last octet From home when I ping our work website www.works.org.nl it does not time out (means there is a reply) but it gives me this ip address 234.56.79.20,,,,,,,, not the real ip address only last octet is different comparing to ip address at work. From home I have got no problem to access our work’s website www.works.org.nlThanks

[lewmur]

HiAt work I have got a windows 2003 server (Active Directory environment with Exchange) and 10 clients with XP OS, Server 2003 acting as internal DNSThey are connected to a snap gear router which is connected to an ADSL modem.We have got a work’s website suppose it is called: www.works.org.nl which is hosted with external provider I cannot access our work’s website www.works.org.nl from any PC at work but I have got no problem to access any other websites.From work when I ping the our work website www.works.org.nl it times out but it gives me this ip address 234.56.79.104 ,,,,,,,,,,not the real ip address please pay attention to last octet From home when I ping our work website www.works.org.nl it does not time out (means there is a reply) but it gives me this ip address 234.56.79.20,,,,,,,, not the real ip address only last octet is different comparing to ip address at work. From home I have got no problem to access our work’s website www.works.org.nlThanks

Try putting the IP address you get when you ping from home in the address bar of your work computer. IOW, don't type in www.works.org.nl. Instead type in 234.56.79.20,, and see if that accesses the site. It might just be a question of the dns servers not having caught up with an address change for your site. That can sometime take a couple of days.If that works, then try clearing the cache on the work computer. It may have cached an old IP address and is using that rather than doing another dns lookup. Edited March 17, 2010 by lewmur

[Guest LilBambi]

I would also be concerned that you should be flushing the DNS cache on those computers and your Server 2003 if it is providing DNS for those systems on your work network.Sounds like DNS poisoning possibilities to me at your work network, or through the DNS for your ISP.

[zillah]

If that works, then try clearing the cache on the work computer.

No, it didn't work

Sounds like DNS poisoning possibilities to me at your work network, or through the DNS for your ISP.

ipconfig /flushdnsnet stop dnscachenet start dnscache

Didn't help me out eitherOn the Active Directory I did clear DNS cache by doing this Administrive tools -- > DNS --> Right click clear cache,,,,,but still no joy.or as explained in Figure C in the link belowhttp://articles.techrepublic.com.com/5100-...11-5091116.htmlThanks

Edited March 17, 2010 by zillah

[Guest LilBambi]

Did you flush the DNS on your work computer? Or the local server on your network or both?If that didn't fix it, could be the ISP DNS that's poisoned. Might consider using Open DNS for the network if the ISP isn't persnickety about using other DNS. If they are, they need to fix it. A call to Technical Support might be the next stop if all the steps between you and the ISP have been dealt with and still no relief.

[crp]

a tracert from a work pc to the web name could be interesting ,especially if you could compare it to one from your home.

[zillah]

Did you flush the DNS on your work computer? Or the local server on your network or both?

Hi LilBambiI vpned to our server at work (windows 2003) and I iussed those dnsflush command on the server and then I did test from the server.I have not tried that on a workstation yet

[zillah]

a tracert from a work pc to the web name could be interesting ,especially if you could compare it to one from your home.

I tried that from home I can reach servername for our host provider while from work it timed out

[zillah]

At home and from my laptop I pinged www.works.org.nl result was successful Reply and I got an ip address which was : 234.56.83.20 (not real ip address)I did test at home I typed in a IE and Mozillah this : http://234.58.83.20 the message that I received as below :

If you can see this page, then the people who manage this server have installed cPanel and WebHost Manager (WHM) which use the Apache Web server software and the Apache Interface to OpenSSL (mod_ssl) successfully. They now have to add content to this directory and replace this placeholder page, or else point the server at their real content.

I recorded home ip address (234.58.83.20) in a piece of paper and I typed it in the address bar of IE and Mozilla at work (server and workstation) ,,,,I received the same message as well

If you can see this page, then the people who manage this server have installed cPanel and WebHost Manager (WHM) which use the Apache Web server software and the Apache Interface to OpenSSL (mod_ssl) successfully. They now have to add content to this directory and replace this placeholder page, or else point the server at their real content.

At work on the server and workstation I pinged www.works.org.nl result was timed out and the ip address that I have got was : 234.56.79.104 (not real ip address)At work I ping 234.56.79.104 (not real ip address) ,,,,,ping timed outAt home I ping 234.56.79.104 (not real ip address),,,,,ping timed out as well.I typed in this ip address in the address bar of server 's IE and Mozilla ,,,,error message : The page can not be displayedI typed in this ip address in the address bar of laptop 's IE and Mozilla ,,,,error message : The page can not be displayed as well Edited March 19, 2010 by zillah

[zillah]

i assume there is a firewall on the outside edge of your network.

Hi TemmuI have got an access to the snapgear 300 router and I could not see any rule that might block the work's webiste. Edited March 19, 2010 by zillah

[lewmur]

Hi TemmuI have got an access to the snapgear 300 router and I could not see any rule that might block the work's webiste.

OK. So, your work computer is definitely giving you the wrong IP address from your DNS server. Try googling OpenDNS and try their free service. It will set your work computer's NIC to use their DNS server instead of your local one. You might also want to check the file c:\windows\system32\drivers\etc\hosts to make sure that isn't redirecting the domain name.Also, when I advised you to clear your cache, I meant the browser's cache and not the machine's DNS cache. Edited March 19, 2010 by lewmur

[zillah]

Also, when I advised you to clear your cache, I meant the browser's cache and not the machine's DNS cache.

Okay I did that as well

You might also want to check the file c:\windows\system32\drivers\etc\hosts to make sure that isn't redirecting the domain name.

I have just checked for the server ( I will check for workstation as well),,,,for the server this is what I have got

# Copyright (c) 1993-1999 Microsoft Corp.## This is a sample HOSTS file used by Microsoft TCP/IP for Windows.## This file contains the mappings of IP addresses to host names. Each# entry should be kept on an individual line. The IP address should# be placed in the first column followed by the corresponding host name.# The IP address and the host name should be separated by at least one# space.## Additionally, comments (such as these) may be inserted on individual# lines or following the machine name denoted by a '#' symbol.## For example:##	  102.54.94.97	 rhino.acme.com		  # source server#	   38.25.63.10	 x.acme.com			  # x client host127.0.0.1	   localhost

Try googling OpenDNS and try their free service. It will set your work computer's NIC to use their DNS server instead of your local one.

I will try that as well

[lewmur]

Okay I did that as wellI have just checked for the server ( I will check for workstation as well),,,,for the server this is what I have got

# Copyright (c) 1993-1999 Microsoft Corp.#	  102.54.94.97	 rhino.acme.com		  # source server#	   38.25.63.10	 x.acme.com			  # x client host127.0.0.1	   localhost

I will try that as well

This is OK. Not the problem.

[zillah]

Hi lewmur

Try googling OpenDNS and try their free service. It will set your work computer's NIC to use their DNS server instead of your local one.

On the server and one workstation I did this test I used OpenDNS addresses which are 208.67.222.222 for Primary DNS and 208.67.220.220 for Secondary DNS.Both server and workstation were able to browse www.works.org.nlThis is test proves that my problem is a DNS issue.Now what will be the suggestion to fix it ?Thanks Edited March 19, 2010 by zillah

[Peachy]

zillah,what is the first DNS used on the internal network. You can find this out with ipconfig /all. Then check the zone file on that DNS server and see what it has for the IP address for the FQDN for the site.

[zillah]

what is the first DNS used on the internal network. You can find this out with ipconfig /all. Then check the zone file on that DNS server and see what it has for the IP address for the FQDN for the site.

Peachy do you want me to use the DNS addresses before I have changed them to OpenDNS addresses ? Then I can do what you have advised Thanks

[crp]

i wonder if the DNS server has seperate configurations for internal and external access.

[lewmur]

Hi lewmurOn the server and one workstation I did this test I used OpenDNS addresses which are 208.67.222.222 for Primary DNS and 208.67.220.220 for Secondary DNS.Both server and workstation were able to browse www.works.org.nlThis is test proves that my problem is a DNS issue.Now what will be the suggestion to fix it ?Thanks

If you allow XP to obtain DNS automatically, it will typically use the DNS service set up in the router. So, if you want all the workstations to work, change the router's DNS setting to the OpenDNS addresses. This is, of course, assuming MS Exchange in the server isn't overriding the router's settings. You might want to make sure the Exchange DNS settings match the router's settings.When you first install your router/modem, it is normally set to use your ISP's DNS servers. This normally isn't a problem because if the ISP's servers go down, then you probably won't have Internet access anyway. But I've seen the time when AT&T's DNS servers went down and I could still access the net, when others couldn't, because I use OpenDNS as the secondary server. To me, it is always advisable to have a different secondary DNS service provider. Edited March 19, 2010 by lewmur

[zillah]

If you allow XP to obtain DNS automatically,

I could not choose this option because a static ip address was assigned to each workstation and as you know when a static ip address is assigned manually the option " obtain DNS server address automatically " is grayed out.

change the router's DNS setting to the OpenDNS addresses.

I could not find such an option within the Snapgear 300 configuration.

You might want to make sure the Exchange DNS settings match the router's settings.

Router DNS addresses in the snapshot below :http://i42.tinypic.com/ay4bq.jpg

Exchange DNS settings

Could you please advise where can I check those settings ?What I did ,,,,at home when I pinged www.works.org.nl (again I made this name up as an example), I got an external ip address (202.y.y.y) At work under works.org.nl forward lookup zone I updated the 3 entries ftp, list, www from the old ip address to the new one (i.e. 202.y.y.y) and now I can access www.works.org.nl from work and I can ping www.works.org.nl from work as well. Would I have done the right thing or still I need to consider other thing in the DNS configuration ? If the actual external IP for the website is changed in few months later do I need to update works.org.nl forward lookup zone again ?

Edited March 22, 2010 by zillah