Dns Help?



Euro838
07-28-2008, 10:56 AM
Hi all,

Here's a scenario that I need some help with.

Originally, I had an internal network with its own Exchange, DNS and webserver so I had DNS entries for www.mydomain.ca and mail.mydomain.ca.

I recently decided to move the mail and web hosting to an external service and use POP3 to retrieve mail.

Anyways, the problem I am having is that in my internal network, I am not able to always reach their mail server. I think it is an internal issue as connecting externally is not a problem. So right now, I have the IP settings on the workstations to point to both the gateway and then the internal DNS server.

For example:

Primary DNS Server: 192.168.1.1 (Router)
Secondary DNS Server: 192.168.1.2 (Server)

It's sporadic when it does or does not work. I have flushed the DNS cache on the workstations and the server. Sounds like I have a conflict somewhere but not sure where. Any help would be much appreciated. Thanks.

rage2
07-28-2008, 10:57 AM
ping mail.mydomain.ca and see what IP it goes to. That will let you know if it's going to old IP (flush server cache or remove the entries for mydomain.ca on the server), new IP (nothing's wrong, ports probably being blocked), or not found (DNS hasn't propagated everywhere yet).

Euro838
07-28-2008, 10:59 AM
When I ping it from both internal and external, it goes to the new host IP (which I do believe is correct). I do not get a response but they have a webmail which I can reach from external. Internally it is sporadic whether the webmail page shows up or not.

I have made this change 2-3 weeks ago and have flushed DNS on the workstations and Server several times. I have removed the mail.mydomain.ca and www.mydomain.ca from the internal DNS server. Should I be doing this or just pointing it to the new IP address?

Davetronz
07-28-2008, 11:20 PM
When you are experiencing the problem try running a traceroute and figure out where the connection is going. See whether it is passing out through your gateway and to the WAN or if it is staying locally and trying to route back internally.

Try doing a force refresh / reload of the DNS zone.

Cheat and edit the hosts file of one of the systems and put the hostname/ip combination of the new server into the hosts file and see if you resolve the mail site properly.

kirberman
07-29-2008, 01:02 PM
Well it may be that your DNS server (secondary) still has a host entry for mail.mydomain.ca for the old IP. Have you changed the IP in the DNS config on the server?

Euro838
07-29-2008, 01:10 PM
Well, I deleted the entry from the local DNS server and then flushed the DNS cache. Last night I added an entry for mail.mydomain.ca with the new external IP address. I signed on to a couple of workstations and it seems to be fine but this problem was happening sporadically so that's what was puzzling to me. So I'm not 100% sure if it's a (not in any particular order)

1) Network issue
2) Server i.e. DNS issue
3) Workstation issue
4) User issue

I'm not onsite there during the day so it is a bit difficult to troubleshoot. Thanks for everyone's help so far though.

adam c
07-29-2008, 01:19 PM
when you say externally..

are you using a webmail (ie https://mail.blahblah.ca/exchange) account or outlook?

when you are internal, do they have webmail they can access? if so does the same issue occur?

Euro838
07-29-2008, 01:26 PM
When I say externally, I mean it is hosted by another service so they just have to go to mail.mydomain.ca and a webmail version, similar to what you see from shaw appears.

What I had done was move the email service from our own exchange server to have it hosted via POP3. So when they are setting up outlook now, they are adding a POP3 account which would have SMTP entries as mail.mydomain.ca.

If they can't reach http://mail.mydomain.ca, then they also can't reach it via Outlook (yes, I know it's the same thing). Like I said earlier, the problem is not consistent. Whenever I try it (being the admin) it works for me but I'll get a call the next day stating that "nothing" works. Anyone want to do some admin work?!!! LOL! :D

adam c
07-29-2008, 01:46 PM
since you can access it from outside the internal network without issues and have completed numerous dns flushes, i would start looking elsewhere in your network.

does the router have access rules that block certain ports at certain times? does the router keep resetting itself?

once you rule out the router then start looking at other options. follow the network

does the switch have special settings on it?

have you checked the event log on the server to see if there are errors of any type?

Alterac
07-29-2008, 10:48 PM
If you manually put your ISP DNS servers into a Machine, does the site work 100%?

If so, then something is wrong with your DNS.

You should not need to use your Router as a DNS server if you have a DNS server setup in your environment. All clients should point to it only.

The DNS server should point to itself for DNS. You can also configure it with Helper/Forward addresses from the ISP.

Can you provide more details of your setup?

Euro838
07-30-2008, 01:49 PM
Here are the details of my setup.

Purpose: Provide small business server setup to provide web application hosting and file server. Basically the only services that I need to provide are Replicon time sheet application and file sharing/storage.

I have moved our email and web hosting to an external provider. There's only about a dozen workstations. So prior to the move, here is what services were on each server.

Server 1:
- Primary Domain Server
- DNS Server
- Exchange Server
- Web Server
- DHCP Server

Server 2:
- Secondary Domain Server
- File share/storage
- Backup Services

Telus is our ISP and I have a Linksys Router (Can't remember which model exactly). I have found that if I use the DHCP on the router, then I don't have any problems reaching the POP3 external server but if I do that, then I can't see any internal computers. I can't add any DNS servers in the router settings when serving DHCP.

That is why I thought that if I set the DNS servers in the DHCP settings to both the internal DNS server (192.168.1.2) and the router (192.168.1.1) then it will be able to find addresses internally and externally. Is this wrong or a bad thing to do?

I have signed on as another user and haven't had any problems when I try in the evening but when another user (my boss unfortunately) tries it during the day, he claims it doesn't work. I am getting him to install gotomypc today so I can try it on his machine. I just re-imaged his machine about a week ago. Anyways, I'm not sure if this was the detail you were looking for but let me know if you have any other suggestions.

The goal is to eventually consolidate to 1 server that will provide everything except web server and exchange/mail server. Thanks.

Alterac
07-30-2008, 04:12 PM
The problem with having 2 DNS entries like that, 1 from the router, 1 from your DNS server (or from ISP, etc.), is that it picks 1 as a preference most of the time.

What you can do is set up your Server DNS to forward to Telus's DNS. This will allow you to have internal DNS handled by the server, and have it cache external requests (which it resolves from the ISP).

DHCP should always be handled by your Active Directory / Domain Controller, as it uses the information for the network.

The Linksys router should only be used as the Gateway address, and turn off DHCP / etc on it.