Error resolving DNS domain

Luis Eduardo Reyes Gaspar 46 Reputation points

Dear Friends

I have an issue for resolving DNS from internal domain to external on the company, I'll try to explain it...

I have an internal domian as with AD DS services DNS and DHCP only for internal users.

The company has a web page hosped on third party provider with the same domain as

Internelly users cannot resolve the web page because is out company, but I tried to create a record with its Public IP and hostname and I think it works.

On DNS Server has DNS forwarders and root hints and it works ok.

My question is, is it valid to create a record with an Public IP on the internal DNS?

Could anyone help me ? Which is the better recommendation or What Should I configure?

Best regards

Luis Reyes

Windows DHCP
Windows DHCP
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.DHCP: Dynamic Host Configuration Protocol (DHCP). A communications protocol that lets network administrators manage centrally and automate the assignment of Internet Protocol (IP) addresses in an organization's network.
1,021 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Dave Patrick 426K Reputation points MVP

    Sounds like you may need a split brain deployment.

    --please don't forget to Accept as answer if the reply is helpful--

    0 comments No comments

  2. Gloria Gu 3,891 Reputation points

    @Luis Eduardo Reyes Gaspar Hi,

    Thank you for posting in Q&A!

    According to my research, so far there're two methods suggested to solve your issue:

    1. It is suggested to contact your third party website provider, to change the website into "" and add an A record "www" in internal DNS server under the forward lookup zone which point to the public IP of the website.
      If it's hard to change the website into "", redirection might be helpful too.
    2. If you don't want to change the website, you can Create an empty A record under the forward lookup zone which point to the public IP of the website.
      However, this method is not suggested because it will cause some unexpected problems when the users trying to perform AD authentication.

    There're some same issue threads discussed about these solutions, For more details, you can refer to:

    Hope you have a nice day : )


    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.