Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cannot view own www site

Status
Not open for further replies.
resoremix

resoremix

Programmer
Apr 14, 2002
44
GB
I know there have been other posts covering the old split DNS problem of not being able to view your own publicly accessible site but I took the route of calling my internal network company.local and letting my ISP be authoritative for the company.co.uk domain to avoid any such issues.

However, now that my DMZ webserver is finally online at it can only be accessed from outside the network. Machines on the internal network simply receive a "cannot be contacted browser error". A 'ping command from such a machine successfully resolves and pings the correct public IP address for the site.

I hope it is not a DNS problem and I'm pretty sure it isn't as my ISP hosts the company.co.uk domain and simply forwards all requests to a public IP it supplied us with. The only DNS we run is the internal Active Directory requirement for company.local. All unresolved DNS lookups are forwarded to our ISP's DNS servers.

I suspect the problem is firewall (Watchguard Firebox 700) related. There is no problem accessing any external web sites from within company.local so do I need to be aware of any blocking that could be taking place between the trusted network and the DMZ?

Any other ideas?

Thanks very much for your thoughts.
 
Sort by date Sort by votes
I presume you have a proxy setting in your desktop web browser.

Open IE and click Tools, Internet Options, Connections tab then LAN Settings. Tick the 'Bypass proxy server for local addresses', click the Advanced button and put your web site in the 'Do not use proxy server for addresses starting with' box (eg Click OK etc.

This will let the browser go directly to your web server on the DMZ bypassing the proxy server with keeps sending the request out onto the Internet for it to get lost (source and destination addresses are the same so the request is not returned).
New Zealand, a great place to visit.
 
Upvote 0 Downvote
Thanks very much for the reply darranagl.

What you say makes perfect sense but I need to enter the IP address and port of the proxy server. I am not sure what this should be as I do not have a dedicated proxy server as such. My Watchguard Firebox has three interfaces (so 3 IP addresses): Internal, Optional (DMZ) and External and runs an HTTP proxy service but does not expose a dedicated IP address for it.

Any further ideas?



 
Upvote 0 Downvote
Do you have your browser set to "Automatically Detect Settings"?

Can you put the IP address of your Web Server into your browser and see the web page? If so try using a HOSTS (Win9x) or LMHOSTS (NT/Win2k/XP) file to over-ride the name resolution of your site.
New Zealand, a great place to visit.
 
Upvote 0 Downvote
Type ipconfig /all from a dos box on your server and look for anything strange. Also try a route print and see what comes up. Hosts and LMHOSTS files per darranagl is a great idea also. Glen A. Johnson
Microsoft Certified Professional
gjohn76351@msn.com
"We will either find a way, or make one".
Hannibal (247-183 B.C.); Carthaginian general.
 
Upvote 0 Downvote
I had the same problem, but in my case I did make the mistake of naming our domain as our web domain. So, I am not sure if my solution to our problem (suggested by someone in this forum earlier) would would work for you, but nobody so far mentioned it, so why don't you try it anyway?

I went to Start-->Programs-->Administrative Tools-->DNS. There, I opened Forward Lookup Zones and selected a zone I already created. Went to "Action" at the menu bar and chose "New Host..." You would be asked to enter 2 things, a domain name and an IP address. I entered our web domain name and its IP address. Clicked on "Add Host." This took care of our problem.

 
Upvote 0 Downvote
Thanks for the help again people.

darranagl: Using the IP of the site from my browser gives the same results. I do not have "Automatically Detect Settings" selected although I tried this to no avail.

Glen: Everything looks OK on the ipconfig front.

I think I'll try and get some help from Watchguard on this as I suspect its an overkeen firewall issue.
 
Upvote 0 Downvote
It's probably the firewall/router trying to route out it's own address.

Can you make a dns entry to your internal lan?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

andyferris
  • Locked
  • Question
DC Event logs auditing cannot be set by GPO
Replies
1
Views
108
RRankin355
RRankin355
StevenFromSouth
  • Locked
  • Question
VPN Connects but cannot access remote network computers or folders
Replies
1
Views
114
StevenFromSouth
StevenFromSouth
zorg2004
  • Locked
  • Question
Cluster CSV Disk Ownership Performance
Replies
0
Views
90
zorg2004
zorg2004
blpcrs
  • Locked
  • Question
Disk Space warning in real time in Event Viewer?
Replies
0
Views
152
blpcrs
blpcrs
MasterRacker
  • Locked
  • Question
Can't start default site - port 80 in use.
Replies
6
Views
162
MasterRacker
MasterRacker

Part and Inventory Search

Sponsor

Back
Top