Wireless and DNS issue - resolving private address instead of public

[mlchris2]

I have two wireless networks setup in the office. Once called public and the other called secure. Public is just that its open, not joined to our local network. The secure however, you can browse our LAN, etc.

Im using Netscreen WRT54G

Well the company just upgraded all our staff with Iphones and when the phones connect to the Secure wireless network, the phone doesnt connect to the mail server... mail.domain.com. However if they connect to the open, they connect just fine.

If I do an nslookup on a device that is connected to the secure network, it returns the host name and local ip. if I connect to the open network and perform the nslookup, it returns the public dns for my mail server.

The reason i need to fix this is, for now its the only way I have to keep them off non-work related sites on their phones while at work... faceboog, blogger, etc. When they are away from the office, I dont care...

any ideas? is it just a DNS issue inside the secure wireless router. (blink...light just went off) Could I put in a public DNS for DNS server address1 and then use my private dns server for secondary dns???

any help is appriciated and thanks.

Mark C.

 

[unclerico]

sounds like a hairpinning issue. is the open network physically segmented from your internal network (i.e. using a separate gateway to reach the internet than your secure network)??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[dberg35]

As for the secure wireless is it doing DHCP and if so is it connected to another router? If this is how it is set up that can cause an issue. Also check to make sure that no paort s need to be open.

 

[JordanCN]

Internal DNS server will not work as you want for a secondary DNS. Most likely your ISP will either resolve the unknown ???.domain.com to your domain.com IP or they will do what Verizon and Comcast are doing and redirect you to a "buy this domain" page

I am assuming your "Open" router connects directly to the Internet which is why they are getting the external IP of your mail.mydomain.com server. This is all set.

Now on your "Secure" router the question is can you ping mail.domain.com and tracert to it as well. It doesn't matter that you can resolve it because you still need to reach it.

Also, is the path back to the "Secure" router valid. Ping and tracert back from mail.domain.com to the secure router to see if you are following the same route.

Also, here is another question, are you using the Netgear as a NAT router for the wireless clients to the network or are you using it as a hub/switch. In this case you should have the internal ports on the Netgear plugged into your network and have the LAN settings for the internal interface as an IP on your LAN. Also, disable the DHCP feature of the router and use your interal DHCP.

If you post your internal IP setup for your mail server, a working client and your Netgear ips for both interfaces we might see something.

 

[mlchris2]

I'm thinking this is a wireless device (Iphone) issue rather than a router issue... cause any pc device I use to test either connection, I am able to resolve addresses correctly.



Mark C.