Computer (networking) experts

sam_gordon

This is not my setup, I'm trying to help someone and have exhausted my limited knowledge about networking...

Server A hosts a website. The server is behind a firewall. Server A's webpage can be reached from the internet.
Server A's webpage has links (via name, not IP) to Servers B & C (each with their own webpage), which are also behind the firewall.
When accessing Server A from the private network (NOT a domain if that makes a difference), the links to Server B & C work.
When accessing Server A from the internet, Server A's webpage displays correctly. But if you click on the link to Server B or C, you get a message saying "serverb\webpage can not be found".

So it sounds like a DNS issue to me (can't resolve the IP address from the name), but only when you access from the public internet.
I get that the DNS servers on the internet know when you go to website.serverA.com, it gets pointed to the public IP for the firewall. The firewall/router knows to resolve to the "local" IP for serverA.

But how/where do you tell those outside computers to use the "private" DNS server? In the firewall? Another server?

As much as I'd like to try it, we can NOT change the links on A's webpage to IP.

If anyone has suggestions, it would be appreciated.
 
You are correct. It is a DNS issue.

The firewall needs to properly route external traffic (dns masq).

Or it could be an SOA issue with the A record. Google search would help with that.
 
Sorry, still confused. Maybe if I get a look at their firewall configs.
 
Might also ensure the browser allows cross-site access... but sounds like DNS.
 

Also on this statement "But how/where do you tell those outside computers to use the "private" DNS server? In the firewall? Another server?"... the end user should not be having to do anything with DNS, this is the server not properly routing... I'd also check the webserver logs to see what it tried to do.
 
Which server not properly routing? Server A? DNS Server? Router?
 
When an end user is attached to server A and clicks a link to server B or C, are they sent to a page hosted on that server, or is server A pulling in content from Servers B and C and displaying it on a page server A is hosting? If it is the former, it isn't going to work unless servers B and C have public DNS records. If it is supposed to be the latter, it sounds like something is set up wrong.

In your description it sounds like servers B and C should be serving data or services to Server A, not to any outside party directly.

I'm hoping Server A is in a DMZ if it is publicly accessible. If servers B and C are inside a private perimeter because they host private data then it could also be a firewall rule not allowing that data back to server A as well. That is assuming everything is configured to allow server A to present any data from B and C without trying to send visitors to those servers.
 
If I understand correctly, the content from Servers B and C is displayed on Server A's page. Pretty sure the address doesn't change. I'll look.

I do think it's a configuration issue, but not sure what to suggest to change.
 
Which server not properly routing? Server A? DNS Server? Router?
It depends on how server A is presenting these links to the end user... is it resolving the content and then displaying it to the user? (Then it is a server A issue.) But if you are just putting links out for the browser to resolve, then it could be a browser issue. Most browsers will block links from redirecting you to a 3rd site (XSS hacks).
 
This is not my setup, I'm trying to help someone and have exhausted my limited knowledge about networking...

Server A hosts a website. The server is behind a firewall. Server A's webpage can be reached from the internet.
Server A's webpage has links (via name, not IP) to Servers B & C (each with their own webpage), which are also behind the firewall.
When accessing Server A from the private network (NOT a domain if that makes a difference), the links to Server B & C work.
When accessing Server A from the internet, Server A's webpage displays correctly. But if you click on the link to Server B or C, you get a message saying "serverb\webpage can not be found".

So it sounds like a DNS issue to me (can't resolve the IP address from the name), but only when you access from the public internet.
I get that the DNS servers on the internet know when you go to website.serverA.com, it gets pointed to the public IP for the firewall. The firewall/router knows to resolve to the "local" IP for serverA.

But how/where do you tell those outside computers to use the "private" DNS server? In the firewall? Another server?

As much as I'd like to try it, we can NOT change the links on A's webpage to IP.

If anyone has suggestions, it would be appreciated.

What is the reason for the bolded? Are all three servers in the same zone?
 
A few suggestions from my trusty AI:

“The issue you're experiencing seems to be related to your firewall and DNS settings. The firewall appears to be correctly configured to allow traffic to Server A from the internet, but it's not allowing traffic to Server B and C from the internet. Also, the DNS resolution from the internet might not be correctly set up for Servers B and C.

Here are some steps you might take to resolve this issue:
  1. Update Firewall Settings: Check the firewall rules and ensure that traffic from the internet is allowed to reach Servers B and C. This might involve creating NAT (Network Address Translation) rules or port forwarding rules in your firewall to direct incoming requests to the appropriate server.
  2. DNS Configuration: When the server links are specified by name (not IP), the client browser needs to resolve those names to IP addresses. Inside your private network, this is probably working fine, but over the internet, this DNS resolution might not work if the DNS for Server B and C are not publicly accessible. You may need to set up public DNS entries for these servers, which would direct users to the correct IP addresses when accessed from the internet.
  3. Fully Qualified Domain Names (FQDN): It may also be a good idea to use Fully Qualified Domain Names (FQDN) in your links if you're not already doing so. A FQDN includes the full site name and domain, like 'serverb.example.com', rather than just 'serverb'. This can help ensure that the DNS lookups are correctly finding your servers.
  4. Reverse Proxy: Another approach, especially if you do not want to expose Server B and C directly to the internet, is to use Server A as a reverse proxy for Servers B and C. This would mean that all traffic comes to Server A, which then forwards it on to Server B or C as needed, and sends the response back to the client. This has the added benefit of hiding the existence and details of Server B and C from the public.
Remember, it is important to consider the security implications of these changes. Exposing more servers to the internet, opening more ports, and adding more public DNS entries all potentially increase your security risk. So, always balance your network configuration changes with the necessary security measures. It might be beneficial to consult with a network security expert when making these types of changes.”
 
We don't want to expose B and C to internet. So the reverse proxy sounds closest to what we want to do. Thanks for the suggestion.
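
An added illustration, not code from any poster in this thread: a small Python audit that lists the links on Server A's page whose host an internet visitor cannot resolve, which is the failure described above. The sample HTML, the `/b/` reverse-proxy path and the suffix list are assumptions made for the example.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Suffixes commonly used for private zones (assumed list for this example).
INTERNAL_SUFFIXES = (".local", ".lan", ".internal", ".corp", ".home.arpa")

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        # Keep every non-empty href/src value found on the page.
        self.links += [v for k, v in attrs if k in ("href", "src") and v]

def classify_host(host):
    """Return why a host is unreachable from outside, or None if it looks public."""
    host = host.lower().rstrip(".")
    try:
        ip = ipaddress.ip_address(host)
        return None if ip.is_global else "non-public IP literal"
    except ValueError:
        pass  # not an IP literal, so treat it as a DNS name
    if "." not in host:
        return "single-label name (internal DNS/NetBIOS only)"
    if host.endswith(INTERNAL_SUFFIXES):
        return "internal-only DNS suffix"
    return None

def audit(html):
    """Return {link: reason} for links an internet client cannot resolve."""
    parser = LinkCollector()
    parser.feed(html)
    findings = {}
    for link in parser.links:
        # Browsers treat "\" as "/" in http(s) URLs, so normalise first.
        host = urlsplit(link.replace("\\", "/")).hostname
        if host and (reason := classify_host(host)):
            findings[link] = reason
    return findings

# Constructed sample of Server A's page; names and paths are hypothetical.
SAMPLE = """
<a href="http://serverb/webpage">B by internal name</a>
<a href="//serverc.corp/app">C by internal name</a>
<a href="/b/webpage">B through a reverse-proxy path on Server A</a>
<a href="https://website.serverA.com/about">About</a>
"""
if __name__ == "__main__":
    print(audit(SAMPLE))
```

Relative links such as `/b/webpage` pass the audit because the browser resolves them against Server A's public name, which is what the reverse-proxy approach relies on.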
 













