0

I'm having an issue accessing my website (heatcool.com) from outside of my network by URL.

Server Environment: Windows Server

Here's what I know:

1) I CAN access within my network by IPV4 IP, Public IP and URL

2) I CAN access from outside my network by Public IP

3) I CAN NOT access from outside my network by URL

4) I can ping my url and it resolves to the correct IPV4 IP

5) NSlookup maps my url back to the IPV4 IP

6) I CAN NOT access the URL from a proxy server


So, I think I've concluded that it's not a DNS issue. What else should I look at?

dentalhero
  • 113
  • 6
  • Incidentally, both addresses are IPV4. (An IPV6 address is typicallymuch longer and has colons instead of dots.) I think the phrase you wanted is "private IP"? – Harry Johnston Mar 31 '19 at 03:54

2 Answers2

2

The DNS A record for heatcool.com is pointing to a private IP address. Have you tried replacing the private IP address in the A record with the public IP address of your server?

$ dig heatcool.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.47.amzn1 <<>> heatcool.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3745
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;heatcool.com.                  IN      A

;; ANSWER SECTION:
heatcool.com.           60      IN      A       10.2.1.21
bmccord
  • 81
  • 4
  • I was under the impression that the IPV4 IP of the machine was to be used as the A record. I guess it makes sense that the url will resolve internally if the A record points there. Now, if I change the A record to the public IP, how does the url then resolve internally? – dentalhero Mar 29 '19 at 23:07
  • So long as the device making a request to the public IP address has connectivity there shouldn't be a problem. Private IP addresses are not routable and therefore anyone outside your network will not be able to reach them. If you want to connect to the private IP address of your server externally you could enable port forwarding in your router. In this case you would then add the public IP address of your router to the DNS record and forward ports 80 and 443 to the private IP of your server. – bmccord Mar 29 '19 at 23:15
  • Ok, I went ahead and modified the A Record to point to the public IP. That resolves the issue of not being able to access my site from outside my network. I can no longer access my site by url internally now, however. I'll go ahead and mark this as resolved since you resolved my immediate question. Thanks for your help! – dentalhero Apr 01 '19 at 16:53
  • You could edit your local host file (on the machine you are connecting from) and add an entry to override the DNS record 10.2.1.21 heatcool.com This will let you connect locally using the URL. – bmccord Apr 01 '19 at 20:37
0

From your description it seems like the "url" is resolved only inside your network, have you tried to resolve it externally?

Cristian Montini
  • 1
  • Can you explain what that entails if it means more than pulling it up in a browser? – dentalhero Mar 29 '19 at 21:13
  • Well, if the browser is on your machine connected to the same network where the server is it makes a lot of difference. Try to resolve it from here https://centralops.net/co/ – Cristian Montini Mar 29 '19 at 21:16
  • Yes, I did try to resolve it from outside the network and through a proxy to no avail. So, it doesn't appear to be an issue with the ISP cache. Also, confirmed with your tool that the A record is correct. – dentalhero Mar 29 '19 at 21:18
  • I tried to ping heatcool.com but it doesn't reply even if it get resolved to 10.2.1.21. A light port scan on the public IP reveals no opened ports. Is there any firewall which is blocking all the incoming traffic? – Cristian Montini Mar 29 '19 at 21:35