Hi all -
I work at a small private college. We've been experiencing a weird DNS issue for a while; hopefully I can explain it well enough.
We have a lot of servers. Some servers reside in our DMZ (Blackboard, Mailman, etc...) and some are on our internal (10.2.x.x) network.
Those servers that reside in the DMZ NEVER have any issues. I can go to blackboard.school.edu in my web browser and get to it 100% of the time. Those that are on our internal network, we have issues getting to. For example, our knowledgebase is albert.school.edu. I cannot guarantee that we can get to it 100%. If you can't get to it, you can release/renew your IP address and then most likely you'll be able to get to it.
Also, this seems to happen only on Windows machines. I have a Windows, Mac and Linux box on my desk. This issue NEVER appears on the Mac or Linux...only on the Windows box.
We have an ASA5510 for our firewall. When we have a server on our internal network but need it accessible from the outside we set up a static route on the ASA:
Code:
static (inside,outside) 198.150.XXX.XXX 10.2.1.48 netmask 255.255.255.255 tcp 100 70
and also open the appropriate holes in the ASA.
But we also do the same for servers in the DMZ:
Code:
static (ColDMZ,outside) 198.150.XXX.XXX 198.150.XXX.XXX netmask 255.255.255.255
We have tried multiple DNS servers over time. We've had an appliance that does DNS (Cobalt RAQ), a Novell Server, a Linux Server, and most recently a Windows 2003 server. This issue has continued to happen throughout all the different DNS servers. I'm starting to think it's not DNS. At this point, I'm thinking it may be something in our firewall...but am not 100% sure. I am really at a loss...
So, in short...
You can't get to resources on internal servers 100% of the time.
Release/renew of your IP will most likely fix your issue.
Only happens on Windows machines.
Have tried multiple DNS servers, but the issue still exists.
Any suggestions or input would be much appreciated!!!