dns issue

Printable View

06-10-2008, 09:00 AM
Rick@BBM

dns issue

We host our company websites on our site, and any website that points to our server, if we access them internally, they load the untangle logon page instead.

Lets say... www.daigles.us or www.accessbbm.com
I home a few sites off my server 2008 domain controller machine, and exchange on another 2003 server in the forest. Port 80 requests point to the 2008, and all needed exchange ports point to the exchange server.. so pop/smtp virtual servers work, those domain emails work (and quite a few more), and so the exchange webmail page works if you goto for example...
https://daigles.us webmail site on 2003 server
http://daigles.us website on 2008 server
daigles.us pop server in outlook express
rick@daigles.us exchange email

Externally, everything works fine.

Internally, loads the untangle page for those domains that I host, because of course i'm on the same IP address as both these machines and the untangle. My external IP is 71.41.125.58.

I have it set so the default site in IIS on 2008 redirects to our main company site, hosted offsite.. just to add to the confusion if you try just our IP :)

How do I fix it so hosted sites work internally?
06-10-2008, 07:25 PM
mdh

Try CONFIG -> NETWORKING -> ADVANCED -> BYPASS RULES -> uncheck OVERRIDE PORT FORWARDS.
06-11-2008, 03:37 AM
YeOldeStonecat

I just noticed this....everything worked fine on a clients 5.03 setup since I set it up in January..I recently upgraded it to 5.2 last week..and just noticed this early this week when I was showing one of the clients staff how to access the Juniper SSL port and Remote Web Workplace.

A new Loopback issue.

Thanks for posting Rick...
06-12-2008, 10:59 AM
desiredforsome

Any idea when it will be fixed? it interfears with the reports sending to our exchange server also on the same lan as the untangle box.
06-12-2008, 02:35 PM
sky-knight

MDH just gave you the fix..

This is a side effect of the firewall rule structure requiring more detail. I still don't know why UT is using catch all rules for ports 80 and 443 to get into the management consoles.. it should only match packets actually destined for an IP on the UT server.
06-17-2008, 04:59 AM
desiredforsome

checked all taht and it still isnt working. it seems that when we go to a website hosted on our servers we have to use www. prefix and its certain applications that will allow it to work. like the ports being fowarded for vnc work fine but for our exchange webmail no. and our exchange pop server no.
06-17-2008, 09:21 AM
sky-knight

Have you tried adapting your port forward rules to include destined local as well as specify the source interfaces?