Sounds like you may need a split brain deployment.
https://learn.microsoft.com/en-us/windows-server/networking/dns/deploy/split-brain-dns-deployment
--please don't forget to Accept as answer if the reply is helpful--
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Dear Friends
I have an issue for resolving DNS from internal domain to external on the company, I'll try to explain it...
I have an internal domian as domain.com with AD DS services DNS and DHCP only for internal users.
The company has a web page hosped on third party provider with the same domain as domain.com.
Internelly users cannot resolve the web page because is out company, but I tried to create a record with its Public IP and hostname and I think it works.
On DNS Server has DNS forwarders and root hints and it works ok.
My question is, is it valid to create a record with an Public IP on the internal DNS?
Could anyone help me ? Which is the better recommendation or What Should I configure?
Best regards
Luis Reyes
Sounds like you may need a split brain deployment.
https://learn.microsoft.com/en-us/windows-server/networking/dns/deploy/split-brain-dns-deployment
--please don't forget to Accept as answer if the reply is helpful--
@Luis Eduardo Reyes Gaspar Hi,
Thank you for posting in Q&A!
According to my research, so far there're two methods suggested to solve your issue:
There're some same issue threads discussed about these solutions, For more details, you can refer to:
https://www.dell.com/support/article/en-sg/sln164042/dns-considerations-in-a-windows-environment-with-identical-internal-and-external-domain-names?lang=en
https://social.technet.microsoft.com/Forums/ie/en-US/4d97325b-ff3a-4f46-ba6e-dc3f4ff978e1/dns-internal-domain-has-same-name-as-external-website?forum=winserverNIS
Hope you have a nice day : )
Gloria
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
https://learn.microsoft.com/en-us/answers/articles/67444/email-notifications.html
Hi,
If it's impossible to change the website into "www.domain.com", adding an A record "www" with the public IP will be meaningless, because the "www.domain.com" even didn't exist.
The only method will be creating an empty A record with the public IP, so when the internal user want to resolve the "domain.com", it will come up with the result of the existing internal record of the “domain.com” and the public ip randomly (so I said it will cause some AD authentication problems)
But since you can not change the website, it seems that you can only use this method. It is suggested that you can first test in your lab environment, if it works fine, then put it into the production environment, which is more safer, hope it will be helpful to you!