RE: [ISALIST] Domain name issue
- From: "Paul Nuernberger" <pen@xxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 19 Dec 2001 15:32:12 -0600
Re: [isalist] RE: [ISALIST] Domain name issueGiven your scenario, the 'PDC'
(x.x.x.2) would ordinarily already be your DNS Server. On the PDC: click on
Start, Programs, Admin Tools, DNS. Once it is open, drill down to your
domain in the forward lookup zones, select your domain so it's hosts are
listed in the RH pane, right click on the RH pane and select 'New Host'. In
the dialog box put in www with nothing else for the name, and fill in the IP
of the hosting server, leave the checkbox at the bottom unchecked. Done.
Putting DNS on the ISA server exposes AD to the world if you are ever
compromised - not good. The safest bet would be to let your domain
controller be the authority for DNS/DHCP/WINS because in a small domain it
isn't usually doing much else (like AD replication, active DNS zone
transfers, etc.).
-----Original Message-----
From: Ian Sterling [mailto:i_sterling@xxxxxxxxxxx]
Sent: Wednesday, December 19, 2001 3:17 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: [ISALIST] Domain name issue
http://www.ISAserver.org
Yes, I? running Win2k/AD DNS in the internal domain, and I had thought
that the answer here might be a host file entry, but not having played with
those much, I wasn?t sure. I do have a question, though. I have 3
servers ? server 1=x.x.x.1=ISA; server 2=x.x.x.2=PDC, also SQL & DHCP-secure
nat client; server 3=x.x.x.3=Exchange 2k-secure nat. In your opinion,
should the DNS server be on the ISA or on server 2 or does it matter? And
should the host file for the www.domain-name.com site be on the DNS server?
Or will it need to be on all the other clients (who are all running the isa
client software).
Thanks,
Ian Sterling
On 12/19/01 1:11 PM, "Paul Nuernberger" <pen@xxxxxxxxx> wrote:
http://www.ISAserver.org
I am assuming that you are running W2k/AD DNS in your internal domain -
why not just add a host entry for the www. host, pointing at the relevant ip
address. As long as you are set up correctly (i.e. using your internal DNS
to resolve first, and forwarding requests when it can't) this should work.
Or, at least, it worked for one of my customers in the exact same situation.
The only host outside of their internal network/domain was the website, and
initially email (now is also 'in-house').
Paul Nuernberger
Manager
BARON Computers, Inc.
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
pen@xxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
