Re: [isalist] RE: [ISALIST] Domain name issueGiven your scenario, the 'PDC' (x.x.x.2) would ordinarily already be your DNS Server. On the PDC: click on Start, Programs, Admin Tools, DNS. Once it is open, drill down to your domain in the forward lookup zones, select your domain so it's hosts are listed in the RH pane, right click on the RH pane and select 'New Host'. In the dialog box put in www with nothing else for the name, and fill in the IP of the hosting server, leave the checkbox at the bottom unchecked. Done. Putting DNS on the ISA server exposes AD to the world if you are ever compromised - not good. The safest bet would be to let your domain controller be the authority for DNS/DHCP/WINS because in a small domain it isn't usually doing much else (like AD replication, active DNS zone transfers, etc.). -----Original Message----- From: Ian Sterling [mailto:i_sterling@xxxxxxxxxxx] Sent: Wednesday, December 19, 2001 3:17 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: [ISALIST] Domain name issue http://www.ISAserver.org Yes, I? running Win2k/AD DNS in the internal domain, and I had thought that the answer here might be a host file entry, but not having played with those much, I wasn?t sure. I do have a question, though. I have 3 servers ? server 1=x.x.x.1=ISA; server 2=x.x.x.2=PDC, also SQL & DHCP-secure nat client; server 3=x.x.x.3=Exchange 2k-secure nat. In your opinion, should the DNS server be on the ISA or on server 2 or does it matter? And should the host file for the www.domain-name.com site be on the DNS server? Or will it need to be on all the other clients (who are all running the isa client software). Thanks, Ian Sterling On 12/19/01 1:11 PM, "Paul Nuernberger" <pen@xxxxxxxxx> wrote: http://www.ISAserver.org I am assuming that you are running W2k/AD DNS in your internal domain - why not just add a host entry for the www. host, pointing at the relevant ip address. As long as you are set up correctly (i.e. using your internal DNS to resolve first, and forwarding requests when it can't) this should work. Or, at least, it worked for one of my customers in the exact same situation. The only host outside of their internal network/domain was the website, and initially email (now is also 'in-house'). Paul Nuernberger Manager BARON Computers, Inc. ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: pen@xxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')