I have an external IP address and have configured the NAT on the router. I just want to know how you set up the external forward lookup zone and what I need to do with regard to the FQDN. Do I just need to add the external IP in there?
- More info needed... Where are your DNS zones hosted, and are you using split-brain DNS to provide different name resolution depending on whether the request comes from an internal or external client? – SamErde May 25 '16 at 13:26
- One is .local and the other one, .com, is hosted at easily. The only one I currently have set up in DNS Manager is the .local one. – Alex May 25 '16 at 13:39
- What platform are you running DNS on internally? – SamErde May 25 '16 at 13:40
- Windows 2012 server R2 – Alex May 25 '16 at 13:42
- Any help would be appreciated? – Alex May 26 '16 at 08:20
- Hope this answers your question... :) – SamErde May 26 '16 at 17:39
1 Answer
You'll need to consider two places for your external forward lookup zone. Please note, some of this is based on the guess that you do not already have a conditional forwarder set up for your external domain name.
Your external IP address space is probably managed at your ISP, unless you've paid for a 3rd party DNS provider. Find out which it is, because you'll need to create an A record for your new external IP address. For example, if your new web site is at www.example.com, you would need an A record with the name "www" in the "example.com" forward lookup zone at your ISP. The value in the A record "www" would specify your new external IP address.
Within your own network, you'd probably want users who browse to this name to resolve "www.example.com" to your internal (NATed) IP address. This prevents their traffic from going out your firewall and then back in. (There could be some cases where this is desired.)
To achieve this, you'll open your DNS Management Console on Windows Server, expand a DNS server, right-click on the "Forward Lookup Zones" node, and select "New Zone".
You'll then click next until the Zone Type screen and select Primary zone.
Then you'll most likely want to select the forest for your replication scope. However, this could vary based on your environment.
Now you can type in the name for your forward lookup zone, which should match the name of your domain (not the .local one).
Select "do not allow dynamic updates" because you are manually managing this copy of the zone.
And then you can click finish on the summary screen.
At this point, you'll have an instance of your external forward lookup zone created in your internal .local domain. Given the example above, you can now create an A entry in this zone for "www" pointing to the internal IP address. (The same IP address that your external IP is NATed to.) Hope this answers the question that you are trying to ask! :)

- Thanks for this. Once this has been configured, is there anything else I need to set up? Last time I went through these steps my DNS server ended up being a public DNS and couldn't access anything locally. – Alex May 27 '16 at 14:33
- Sorry, but I feel like this is trailing into additional questions. It sounds like you might want to do some further reading on TechNet or in a Windows Server book. Have I answered your initial question? – SamErde Jun 13 '16 at 18:05
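
The zone-creation steps from the answer above, scripted with the DnsServer PowerShell module and followed by three checks. This is an added example, not part of the original answer or thread. The internal address `192.168.1.10`, the extra host name `mail`, and running the script on the DNS server itself are assumptions; `example.com` and `www` follow the answer's example.

```powershell
# Added example: split-brain copy of the external zone on an internal Windows DNS server.
# Run in an elevated PowerShell session on the DNS server (Windows Server 2012 R2 or later).
Import-Module DnsServer

$ZoneName   = 'example.com'     # external domain from the answer's example (not the .local one)
$InternalIP = '192.168.1.10'    # constructed value: internal address the external IP is NATed to
$OtherNames = @('mail')         # hypothetical: other public names internal clients still need

# Primary, AD-integrated zone replicated to the forest, with dynamic updates off
# because this copy of the zone is maintained by hand.
if (-not (Get-DnsServerZone -Name $ZoneName -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -Name $ZoneName -ReplicationScope 'Forest' -DynamicUpdate 'None'
}

# "www" A record pointing at the internal address.
$www = Get-DnsServerResourceRecord -ZoneName $ZoneName -Name 'www' -RRType 'A' -ErrorAction SilentlyContinue
if (-not $www) {
    Add-DnsServerResourceRecordA -ZoneName $ZoneName -Name 'www' -IPv4Address $InternalIP
}

# Check 1: the zone must not accept dynamic registrations.
$zone = Get-DnsServerZone -Name $ZoneName
if ($zone.DynamicUpdate -ne 'None') {
    Write-Warning "$ZoneName allows dynamic updates ($($zone.DynamicUpdate))"
}

# Check 2: this server answers www with the internal address.
$answer = Resolve-DnsName -Name "www.$ZoneName" -Type A -Server 127.0.0.1 -DnsOnly -ErrorAction SilentlyContinue
if ($answer.IPAddress -notcontains $InternalIP) {
    Write-Warning "www.$ZoneName does not resolve to $InternalIP on this server"
}

# Check 3: names that exist only in the public zone now fail internally.
foreach ($name in $OtherNames) {
    $fqdn = "$name.$ZoneName"
    if (-not (Resolve-DnsName -Name $fqdn -Server 127.0.0.1 -DnsOnly -ErrorAction SilentlyContinue)) {
        Write-Warning "$fqdn has no record in the internal copy of $ZoneName"
    }
}
```

Because the internal server becomes authoritative for the whole zone, it stops forwarding queries for names in it. Every externally hosted name that internal clients use needs its own record in the internal copy.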