Create an A record named www and point it to the internal webserver ip address.
This should help.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
It sounds like to me that if sometimes the users get the internal address
and sometimes the external address, that your infrastructure has a mixture
of internal and external DNS servers. I assume this is an AD infrastructure.
If so, the cardinal rule behind AD, as you may already be aware of, is to
only use the internal DNS server(s) in their IP properties. Now in your
case, even if you are not using AD, you must only use the internal DNS
server(s) or your solution will continue to have problems with mixed
results, and IMHO, a batch file to flush the local cache on each machine is
additional administrative overhead that can be avoided.
Let's take a look at your infrastructure to better assist with a more
specific diagnosis.Please post an unedited ipconfig /all of a sample client
machine and of your DC or server. I assume your DHCP server is a Windows
server. Also confirm that the DHCP service is not running on your router(s).
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Please reply back to the newsgroup or forum to benefit from collaboration
among responding engineers, and to help others benefit from your resolution.
Ace Fekay, MCT, MCSE, MCSA 2003 & 2000, MCSA Messaging
Microsoft Certified Trainer
ace...@mvps.RemoveThisPart.org
http://twitter.com/acefekay
For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP)
Physical Address. . . . . . . . . : 00-53-45-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.11
Subnet Mask . . . . . . . . . . . : 255.255.255.25
Default Gateway . . . . . . . . . :
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1
Physical Address. . . . . . . . . : 00-15-17-3F-B8
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.101
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.10.254
DNS Servers . . . . . . . . . . . : 10.10.10.101
This is the Web server with that runs the Sharepoint site:
Windows IP Configuration
Host Name . . . . . . . . . . . . : app-01
Primary Dns Suffix . . . . . . . : domain.info
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.info
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-15-C5-5E-73-50
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.10.10.222
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 10.10.10.221
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 10.10.10.220
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 10.10.10.200
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.10.254
DNS Servers . . . . . . . . . . . : 10.10.10.101
Thanks for posting the info. What about the client machine?
Also, the DC is multihomed. Did you know this is not a recommended practice
with DCs due to DNS registrations and inconsistencies it creates, besides AD
problems? So curious, why is there a PPP adapter? Is RRAS on it? Also not a
recommended practice. I mean if you need the multihoming, I have a complete
step by step to force AD to properly register into DNS so it functions
properly. It involves registry alterations. If interested, I can post that.
But let's see the client machine, please.
If the client machines are only using 10.10.10.101, then I can't see why the
clients are resolving to the WAN IP address unless they are using an
external DNS.
Ace
here is the client info... and it is getting a second DNS that is external.
Windows IP Configuration
Host Name . . . . . . . . . . . . : LT-16
Primary Dns Suffix . . . . . . . : domain.info
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.info
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit
Cont
roller
Physical Address. . . . . . . . . : 00-23-AE-2F-A8-75
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.10.10.24
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.10.254
DHCP Server . . . . . . . . . . . : 10.10.10.101
DNS Servers . . . . . . . . . . . : 10.10.10.101
4.2.2.2
Primary WINS Server . . . . . . . : 10.10.10.101
Lease Obtained. . . . . . . . . . : Wednesday, July 15, 2009
10:03:48 AM
Lease Expires . . . . . . . . . . : Thursday, July 23, 2009 10:03:48
AM
Domain internal do dot use ISPs DNS server like 4.2.2.2 on the NICs of any
machine. That ones have to be configured as Forwarders on the DNS server
properties in the DNS management console.
And you have a multihome DC with your configuration, because RRAS is on it
and so a second ip is configured on the DC and so Ace's description is correct.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Good to hear!
If I may suggest, how about a firewall/VPN device, such as a Cisco ASA to
handle your VPN requirements? It has web-based SSL VPN capabilities(clients
can download and install the VPN client through its website), and it's a
much more secure connection, as well as that it relieves the addtional
processing power of the DC, as well as alleviate the multihoming issue.
Ace