Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: crazybob on October 02, 2008, 03:04:12 PM
-
I had to change a server from server/gateway to server only(not my idea). A firewall / QoS device is in place between the internet and the network. The firewall is providing dhcp to the network. I can view the web site on the server via the server local IP address, but not by url. The website is visable by url to the outside world. The domain names are configured to resolve to the internet.
Any ideas as to what or how to change to resolve this
TIA
Bob
-
I had to change a server from server/gateway to server only(not my idea). A firewall / QoS device is in place between the internet and the network. The firewall is providing dhcp to the network. I can view the web site on the server via the server local IP address, but not by url. The website is visable by url to the outside world. The domain names are configured to resolve to the internet.
You need to configure SME server to provide DNS for your domain, and you need to configure DHCP to refer clients to SME server for DNS lookups (and the easiest way to do that is to disable DHCP on your firewall and enable it on SME server). That's because for internal clients you need your domain name to resolve to the SME server's address, not the outside address of the firewall (as it resolves for the rest of the Internet).
-
Thanks Charlie, I will see what I can do. I do not have control over the firewall, but will contact the parties involved ad see what happens
Bob
-
Thanks Charlie, I will see what I can do. I do not have control over the firewall, but will contact the parties involved ad see what happens
There's no rocket science here, Bob, IMO you should have been able to analyse what was going on. The http requests from the LAN clients were directed by DNS to the outside of the firewall, not direct to the LAN address of the SME server. Port forwarding from the firewall (DNAT) can only work from the Internet, it cannot work on the LAN.
-
Thanks Charlie, I think I understand. I will get it handeled now
Bob
-
Bob,
If you choose not to make the SME the Edit:DHCP server, you should still be able to set the DHCP server to hand out the SME address as the DNS server. I have my DHCP server set to hand out the SME as the first DNS server and one of my ISP's DNS servers as the second one.
-
A workaround is using a HOSTS file on the internal clients you need to resolve correctly...very nasty workaround tho...
BTW its me or xp sp3 changed the way the hosts file works? mine is not working...but also this windows version is heavily nlited...
-
Its quite quick and easy to let the (Windows) clients receive dns from info the sme server only. Than everything will work. Gateway can run as dhcp server as normal.
The clients can be corrected manually (in tcp-ip/network setup) to use the sme server as dns server. (I'm using this arrangement now.)
Windows XP SP has hosts file like before. (I am using this arrangement as well.)
-
First, thanks to all for all the input.
With the assistance of the parties that control the router/QoS device, we made a change in the router dhcp table to point to the server to find the DNS entries. I server-manager, I assigned the ISP's DNS servers ip addresses in the corporate dns panel. Then I set each domain to resolve locally. :-)
Life is now good
Bob