Announcement

Collapse
No announcement yet.

Unable to access external website from internal network [was:Problem]

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Unable to access external website from internal network [was:Problem]

    Hey Guys,

    I work at a school with Server 2003 running Exchange. The school has its own website but they are not able to access the web site from inside the school?

    The website works fine outside the school LAN.
    Website: www.faithlc.qld.edu.au
    Email: mail.faithlc.qld.edu.au
    Could this have some thing to do with DNS??

    Thanks, Dave.

  • #2
    Re: Problem

    Is the internal Windows DNS domain faithlc.qld.edu.au? If it does you will need to create a new ANAME record called www which points to 202.60.89.114.
    Please remember to leave positive reputation points (The Ying Yang Icon) if someone helps you.

    Comment


    • #3
      Re: Problem

      Ganador,

      Please use a better subject topic next time

      thanks

      Michael
      Michael Armstrong
      www.m80arm.co.uk
      MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

      ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

      Comment


      • #4
        Re: Unable to access external website from internal network [was:Problem]

        Originally posted by Ganador View Post
        Hey Guys,

        I work at a school with Server 2003 running Exchange. The school has its own website but they are not able to access the web site from inside the school?
        A lot of questions come to mind. We'll need more information, like:
        • What is the error message that you see?
        • Is the website hosted by the school and if so on what segment of the network is the webserver located (LAN, DMZ, etc.)
        • Who controls the DNS servers for the school? (A school server, a hosting company's server, etc.)
        • Can you ping the web site by it's IP address from within the school?
        • What are the results of a tracert and/or pathping from within the school? Are there any significant differences between the results of tracert/pathping compared to those tools being run from outside the network? (obviously there will be router differences, but are there any hops that die from within the LAN?)
        • What is the result of a "ping -a" from within the school's LAN compared to outside the LAN?



        Originally posted by Ganador View Post
        Could this have some thing to do with DNS??.
        Quite possibly, but not assuredly.


        Let us know what happens.
        Wesley David
        LinkedIn | Careers 2.0
        -------------------------------
        Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
        Vendor Neutral Certifications: CWNA
        Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
        Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

        Comment


        • #5
          Re: Unable to access external website from internal network [was:Problem]

          Originally posted by Ganador View Post
          Hey Guys,

          I work at a school with Server 2003 running Exchange. The school has its own website but they are not able to access the web site from inside the school?

          The website works fine outside the school LAN.
          Website: www.faithlc.qld.edu.au
          Email: mail.faithlc.qld.edu.au
          Could this have some thing to do with DNS??

          Thanks, Dave.
          Whats you internal DNS name space???

          If it is faithlc.qld.edu.ac then you will need to add an 'A' record that points www to your external website address.

          Comment


          • #6
            Re: Unable to access external website from internal network [was:Problem]

            Hi,
            • I am able to ping to everyother site but the faithlc.qld.edu.au.
            • The DNS is on the school server/exchange.
            • The website is hosted off campus.
            • The internal name space is faithlc.local
            If i where to backup the AD and trash AD and DNS would i be able to recreate the DNS and restore the AD back to normal with all the exchange features still in tact?

            Regards, Dave.

            Comment


            • #7
              Re: Unable to access external website from internal network [was:Problem]

              What error does ping give you?
              What about "nslookup www.faithlc.qld.edu.au"?

              Deleting your AD just because one website doesn't work is really out of the question. It's like saying you have a flat tyre on a car so should buy a new car to fix it.
              Please remember to leave positive reputation points (The Ying Yang Icon) if someone helps you.

              Comment


              • #8
                Re: Unable to access external website from internal network [was:Problem]

                Originally posted by Ganador View Post
                Hi,
                • I am able to ping to everyother site but the faithlc.qld.edu.au.
                • The DNS is on the school server/exchange.
                • The website is hosted off campus.
                • The internal name space is faithlc.local
                If i where to backup the AD and trash AD and DNS would i be able to recreate the DNS and restore the AD back to normal with all the exchange features still in tact?

                Regards, Dave.
                This may sound like nitpicking, but IT is oftentimes a matter of nits that need to be picked. When I 'nslookup faithlc.qld.edu.au' I get 202.60.89.114 but when I nslookup www.faithlc.qld.edu.au I get 24.28.193.9. Now, I'm not sure that this is what you want... you'll be the best judge of that. However, what I want to know is rather specific. Please be precise in your answers by repeating error messages and which IP address a domain resolved to. Feel free to post screenshots of the command output.
                • When you say that DNS is on your exchange box, you mean that the school's local DNS is on that machine, not the DNS server that the internet at large sees as the authoritative server for the faithlc.qld.edu.au domain, right?
                • Is there an entry in the local DNS server (the one on the Exchange box) for both 'faithlc.qld.edu.au' and 'www.faithlc.qld.edu.au'? If so, what is the IP address for each DNS name respectively? (I think both ]SK[ and wullieb1 have both wanted to know this for a little while now... )
                • Give a computer on the LAN the address of public DNS servers (your ISP's DNS servers for example) and then flush that LAN computer's DNS cache (ipconfig /flushdns on a Windows machine). Now try to access the school's site. Is it successful?
                • What does 'ping faithlc.qld.edu.au' show you? (include error messages and/or which IP is returned)
                • What does 'ping www.faithlc.qld.edu.au' show? (Once more, error messages and which IP address comes back is crucial)
                • What does 'ping -a 202.60.89.114' show you? (Include the same info as requested above)
                • What does 'ping -a 24.28.193.9' show you?
                • What does 'tracert 202.60.89.114' show you?
                • What does 'tracert 24.28.193.9' show you?



                It most likely seems to be a DNS issue, but it could also be a ACL entry in a switch or router.
                Wesley David
                LinkedIn | Careers 2.0
                -------------------------------
                Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
                Vendor Neutral Certifications: CWNA
                Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
                Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

                Comment


                • #9
                  Re: Unable to access external website from internal network [was:Problem]

                  When you say that DNS is on your exchange box, you mean that the school's local DNS is on that machine, not the DNS server that the internet at large sees as the authoritative server for the faithlc.qld.edu.au domain, right?
                  Yah sorry, just the Schools Local DNS not the web DNS.

                  What does 'ping faithlc.qld.edu.au' show you?
                  Pinging faithlc.qld.edu.au [202.60.89.114] with 32 bytes of data:

                  Request timed out.
                  Request timed out.
                  Request timed out.
                  Request timed out.

                  Ping statistics for 202.60.89.114:
                  Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

                  What does 'ping www.faithlc.qld.edu.au' show?
                  Pinging faithlc.qld.edu.au [202.60.89.114] with 32 bytes of data:

                  Request timed out.
                  Request timed out.
                  Request timed out.
                  Request timed out.

                  Ping statistics for 202.60.89.114:
                  Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

                  What does 'ping -a 202.60.89.114' show you?
                  Pinging kimberly.myownserver.net [202.60.89.114] with 32 bytes of data:

                  Request timed out.
                  Request timed out.
                  Request timed out.
                  Request timed out.

                  Ping statistics for 202.60.89.114:
                  Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

                  What does 'ping -a 24.28.193.9' show you?
                  Pinging 24.28.193.9 with 32 bytes of data:

                  Reply from 24.28.193.9: bytes=32 time=252ms TTL=83
                  Reply from 24.28.193.9: bytes=32 time=252ms TTL=83
                  Reply from 24.28.193.9: bytes=32 time=292ms TTL=83
                  Reply from 24.28.193.9: bytes=32 time=252ms TTL=83

                  Ping statistics for 24.28.193.9:
                  Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
                  Approximate round trip times in milli-seconds:
                  Minimum = 252ms, Maximum = 292ms, Average = 262ms

                  What does 'tracert 202.60.89.114' show you?
                  Tracing route to kimberly.myownserver.net [202.60.89.114]
                  over a maximum of 30 hops:

                  1 <1 ms <1 ms <1 ms 192.168.1.5
                  2 19 ms 18 ms 24 ms lo0.bri-lns1.qld.westnet.com.au [202.173.144.37]
                  3 18 ms 18 ms 18 ms gi6-1.bri-core.qld.westnet.com.au [202.173.144.81]
                  4 19 ms 19 ms 18 ms AS24238-2.brisbane.pipenetworks.com [218.100.0.68]
                  5 * * * Request timed out.
                  6 * * * Request timed out.
                  7 * * * Request timed out.
                  8 * * * Request timed out.
                  9 * * * Request timed out.
                  10 * * * Request timed out.
                  11 * * * Request timed out.
                  12 * * * Request timed out.
                  13 * * * Request timed out.
                  14 * * * Request timed out.
                  15 * * * Request timed out.
                  16 * * * Request timed out.
                  17 * * * Request timed out.
                  18 * * * Request timed out.
                  19 * * * Request timed out.
                  20 * * * Request timed out.
                  21 * * * Request timed out.
                  22 * * * Request timed out.
                  23 * * * Request timed out.
                  24 * * * Request timed out.
                  25 * * * Request timed out.
                  26 * * * Request timed out.
                  27 * * * Request timed out.
                  28 * * * Request timed out.
                  29 * * * Request timed out.
                  30 * * * Request timed out.

                  Trace complete.

                  What does 'tracert 24.28.193.9' show you?
                  Tracing route to 24.28.193.9 over a maximum of 30 hops

                  1 <1 ms <1 ms <1 ms 192.168.1.5
                  2 18 ms 18 ms 18 ms lo0.bri-lns1.qld.westnet.com.au [202.173.144.37]
                  3 25 ms 17 ms 19 ms gi5-1.bri-core.qld.westnet.com.au [202.173.144.97]
                  4 31 ms 20 ms 18 ms GigabitEthernet2-5.cha23.Brisbane.telstra.net [203.45.3.117]
                  5 22 ms 19 ms 17 ms TenGigE0-8-0-2.cha-core4.Brisbane.telstra.net [203.50.51.1]
                  6 35 ms 34 ms 34 ms Pos0-4-1-0.ken-core4.Sydney.telstra.net [203.50.6.205]
                  7 37 ms 34 ms 34 ms Port-Channel1.pad-gw2.Sydney.telstra.net [203.50.6.29]
                  8 33 ms 34 ms 35 ms TenGigabitEthernet2-0.sydp-core02.Sydney.reach.com [203.50.13.50]
                  9 35 ms 34 ms 34 ms i-9-0.sydp-core01.net.reach.com [202.84.221.89]
                  10 185 ms 184 ms 185 ms i-0-0.wil-core03.net.reach.com [202.84.143.209]
                  11 185 ms 185 ms 185 ms i-3-4.tlot03.net.reach.com [202.84.251.162]
                  12 220 ms 200 ms 187 ms ge-6-20.car3.LosAngeles1.Level3.net [4.68.111.133]
                  13 199 ms 198 ms 198 ms vlan89.csw3.LosAngeles1.Level3.net [4.68.20.190]
                  14 202 ms 198 ms 198 ms ae-83-83.ebr3.LosAngeles1.Level3.net [4.69.137.41]
                  15 266 ms 253 ms 267 ms ae-4.ebr4.Washington1.Level3.net [4.69.132.82]
                  16 262 ms 252 ms 253 ms ae-74-74.csw2.Washington1.Level3.net [4.69.134.182]
                  17 250 ms 249 ms 250 ms ae-2-79.edge2.Washington1.Level3.net [4.68.17.81]
                  18 277 ms 251 ms 251 ms ROADRUNNER.edge2.Washington1.Level3.net [4.79.22.6]
                  19 252 ms 253 ms 253 ms ae-1-0.cr0.dca10.tbone.rr.com [66.109.6.182]
                  20 252 ms 253 ms 258 ms 66.109.6.125
                  21 254 ms 253 ms 253 ms hrndvaspk-swt1-ge2-13.hrndva.rr.com [24.30.192.70]
                  22 * * * Request timed out.
                  23 * * * Request timed out.
                  24 * * * Request timed out.
                  25 * * * Request timed out.
                  26 * * * Request timed out.
                  27 * * * Request timed out.
                  28 * * * Request timed out.
                  29 * * * Request timed out.
                  30 * * * Request timed out.

                  Trace complete.

                  Give a computer on the LAN the address of public DNS servers (your ISP's DNS servers for example) and then flush that LAN computer's DNS cache (ipconfig /flushdns on a Windows machine). Now try to access the school's site. Is it successful? I am currently not able to do this just yet as im not on campus as of this time but can do sometime this week.

                  I hope this is able to help you more in helping me.

                  Thank You, Dave

                  Comment


                  • #10
                    Re: Unable to access external website from internal network [was:Problem]

                    Certainly is odd. DNS looks correct. I get replies from the servers you don't.

                    Code:
                    Pinging faithlc.qld.edu.au [202.60.89.114] with 32 bytes of data:
                    
                    Reply from 202.60.89.114: bytes=32 time=370ms TTL=41
                    Reply from 202.60.89.114: bytes=32 time=371ms TTL=41
                    Reply from 202.60.89.114: bytes=32 time=367ms TTL=41
                    Reply from 202.60.89.114: bytes=32 time=365ms TTL=41
                    Code:
                    Pinging faithlc.qld.edu.au [202.60.89.114] with 32 bytes of data:
                    
                    Reply from 202.60.89.114: bytes=32 time=366ms TTL=41
                    Reply from 202.60.89.114: bytes=32 time=370ms TTL=41
                    Reply from 202.60.89.114: bytes=32 time=369ms TTL=41
                    Reply from 202.60.89.114: bytes=32 time=366ms TTL=41
                    Code:
                    Tracing route to kimberly.myownserver.net [202.60.89.114]
                    over a maximum of 30 hops:
                    
                      1    <1 ms    <1 ms    <1 ms  10.50.0.254
                      2    30 ms    30 ms    30 ms  btdhg573-hg1.ealing.broadband.bt.net [217.47.120
                    .200]
                      3    31 ms    31 ms    30 ms  217.47.120.162
                      4    35 ms    32 ms    33 ms  217.47.120.238
                      5   197 ms    49 ms   232 ms  217.47.219.250
                      6    36 ms    31 ms    33 ms  217.41.168.29
                      7    32 ms    32 ms    34 ms  217.41.168.78
                      8    32 ms    33 ms    33 ms  217.41.168.54
                      9    32 ms    32 ms    32 ms  217.47.87.50
                     10    33 ms    36 ms    33 ms  core4-pos0-7-0-10.ealing.ukcore.bt.net [194.72.1
                    7.213]
                     11    34 ms    35 ms    33 ms  core2-pos0-0-0-4.ilford.ukcore.bt.net [62.6.204.
                    41]
                     12    35 ms    34 ms    32 ms  transit2-gig11/0/0.ilford.ukcore.bt.net [194.72.
                    20.154]
                     13    33 ms    35 ms    34 ms  t2c2-ge13-0-0.uk-ilf.eu.bt.net [166.49.168.117]
                    
                     14    33 ms    36 ms    33 ms  t2c2-p5-0-1.uk-lon2.eu.bt.net [166.49.195.126]
                     15    41 ms    41 ms    40 ms  t2c2-p1-0.nl-ams2.eu.bt.net [166.49.208.129]
                     16    42 ms    41 ms    41 ms  t2a4-prc2.nl-ams2.eu.bt.net [166.49.200.52]
                     17    40 ms    43 ms    40 ms  166-49-153-185.eu.bt.net [166.49.153.185]
                     18   201 ms   201 ms   196 ms  so-0-1-1.sjc11.ip.tiscali.net [213.200.81.153]
                     19   194 ms   198 ms   197 ms  asia-netcom2-gw.ip.tiscali.net [213.200.80.142]
                    
                     20   351 ms   350 ms   355 ms  po4-0.cr1.syd1.asianetcom.net [202.147.50.158]
                     21   354 ms   349 ms   352 ms  gi1-0.gw2.syd1.asianetcom.net [202.147.40.178]
                     22   355 ms   355 ms   354 ms  Pacific-Internet.gw2.syd1.asianetcom.net [203.19
                    2.166.150]
                     23   355 ms   354 ms   352 ms  vl64.switch2.syd.pacific.net.au [61.8.2.130]
                     24   369 ms   371 ms   373 ms  g1-39.switch1.bne.pacific.net.au [210.23.140.254
                    ]
                     25   365 ms   371 ms   369 ms  g1-hs.core-bne.servers.net.au [203.143.242.154]
                    
                     26   368 ms   367 ms   371 ms  kimberly.myownserver.net [202.60.89.114]
                    
                    Trace complete.
                    I am almost tempted to say the issue looks like the internet provider.
                    Please remember to leave positive reputation points (The Ying Yang Icon) if someone helps you.

                    Comment


                    • #11
                      Re: Unable to access external website from internal network [was:Problem]

                      Where is the website hosted?
                      Marcel
                      Technical Consultant
                      Netherlands
                      http://www.phetios.com
                      http://blog.nessus.nl

                      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                      "No matter how secure, there is always the human factor."

                      "Enjoy life today, tomorrow may never come."
                      "If you're going through hell, keep going. ~Winston Churchill"

                      Comment


                      • #12
                        Re: Unable to access external website from internal network [was:Problem]

                        Judging by my tracert, .AU. I see CPANEL too so I guess a shared hosting server.
                        Please remember to leave positive reputation points (The Ying Yang Icon) if someone helps you.

                        Comment


                        • #13
                          Re: Unable to access external website from internal network [was:Problem]

                          Ganador, thanks for the thorough reply!

                          Originally posted by Ganador View Post
                          Give a computer on the LAN the address of public DNS servers (your ISP's DNS servers for example) and then flush that LAN computer's DNS cache (ipconfig /flushdns on a Windows machine). Now try to access the school's site. Is it successful? I am currently not able to do this just yet as im not on campus as of this time but can do sometime this week.
                          So wait... how were you able to test the network availability of the domains if you weren't on campus? Does that mean this domain outage is effecting a broader area than just your school's network?

                          I just did another nslookup on both fathlc.qld.edu.au and www.faithlc.qld.edu.au and now I'm getting 202.60.89.114 for both of them. Strange that the other day I received 24.28.193.9 for the www domain.

                          If I were you I'd call up the ISP and start a case with them. Everything looks fine on your end. If you look at your tracert of 202.60.89.114 it stars out at hop 5. That doesn't mean that that is the problem necessarily, it could just be that the real problem is hop 6, 7, 8, etc... Do you know if this problem exists elsewhere in your area?

                          Keep us posted!
                          Wesley David
                          LinkedIn | Careers 2.0
                          -------------------------------
                          Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
                          Vendor Neutral Certifications: CWNA
                          Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
                          Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

                          Comment


                          • #14
                            Re: Unable to access external website from internal network [was:Problem]

                            Can you browse succesfully to other sites on the net???

                            Do you have a firewall installed on your network??? Are there any ACL's that could be blocking this site???

                            Comment


                            • #15
                              Re: Unable to access external website from internal network [was:Problem]

                              I remoted into the server and did the work from that.
                              Originally posted by Nonapeptide View Post
                              Ganador, thanks for the thorough reply!



                              So wait... how were you able to test the network availability of the domains if you weren't on campus? Does that mean this domain outage is effecting a broader area than just your school's network?

                              I just did another nslookup on both fathlc.qld.edu.au and www.faithlc.qld.edu.au and now I'm getting 202.60.89.114 for both of them. Strange that the other day I received 24.28.193.9 for the www domain.

                              If I were you I'd call up the ISP and start a case with them. Everything looks fine on your end. If you look at your tracert of 202.60.89.114 it stars out at hop 5. That doesn't mean that that is the problem necessarily, it could just be that the real problem is hop 6, 7, 8, etc... Do you know if this problem exists elsewhere in your area?

                              Keep us posted!

                              Comment

                              Working...
                              X