Web-server – Can access website publicly but not from machine on same network

domain-name-system iis-6 networking web-server

This problem has only started to happen over the past few days, and nothing has changed (that I am aware of), so I am struggling to see what has happened.

I have a network setup where all the machines run off the same router. One of the machines on that network is used to host websites and runs Microsoft Exchange Server 2003 & IIS 6.0. I have domain names which I have purchased from various hosting companies and I have updated the DNS records at their end to point to my web server, i.e. I have set up an A record to point to my web server IP.

Everything was working fine up until a couple of days ago – now I can't access any of my sites via IP or domain name from any machine on the network! I can still get access publicly, and if I am connected to the network via VPN I can also access the sites. As far as I am aware no firewall rules have been changed & no router configuration has been changed, so this is really odd.

If I add the internal IP & domain name into the Hosts file on the server I can get access; however, this doesn't work for the subdomains….

Any ideas what this could be?

Best Answer

Given that you already said nothing changed with your firewall and router, I doubt this is the case, but I felt compelled to comment. On some routers/firewalls, when you NAT a (web)server, the inside IPs have trouble accessing the webserver using the external IP. Basically the firewall isn't smart enough or is missing the NAT/routing rules to loop back to itself.

For our SonicWalls, you can add a NAT rule that basically says if it's coming from the internal network going to the external IP, NAT it to the internal IP. Not all firewalls let you do this though. I can elaborate more on this if you wish.

If this is indeed what is causing your problem, you need to add a hairpin NAT rule. A hairpin NAT rule allows a network request originating from an internal host to leave the network and then come back into the router on the WAN port and the request will be properly translated from the public IP of the router to the internal IP of your web server. The process for doing this is different depending on the make and model of your router. If you would provide that information it will help us.

A simpler fix is if you have an internal DNS server, add the A records there for the domain and subdomains pointing to the internal IP.
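
The following is an added illustration, not part of the original answer: a small Python model that traces one request from a LAN client to the router's public IP under three router configurations, showing why the connection fails without a complete hairpin rule. All addresses are constructed (documentation and private ranges), and the model assumes the client and the web server sit on the same subnet, so the server can answer the client directly without passing through the router.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src dst")

# Constructed addresses (not from the page): documentation/private ranges.
WAN_IP = "203.0.113.5"      # router's public IP, target of the public A record
ROUTER_LAN = "192.168.1.1"  # router's LAN-side address
SERVER = "192.168.1.20"     # internal web server
CLIENT = "192.168.1.10"     # LAN machine browsing the site


def router_forward(pkt, dnat, snat):
    """Apply the router's loopback rules to a LAN packet aimed at WAN_IP."""
    if pkt.dst != WAN_IP or not dnat:
        return None  # no loopback rule: the request never reaches the server
    # A full hairpin rule rewrites the source as well as the destination.
    src = ROUTER_LAN if snat else pkt.src
    return Packet(src, SERVER)


def browse(dnat, snat):
    """Trace one request/response and report how the connection ends."""
    request = Packet(CLIENT, WAN_IP)
    at_server = router_forward(request, dnat, snat)
    if at_server is None:
        return "dropped at router"
    # The server answers whichever source address it saw on the request.
    reply = Packet(SERVER, at_server.src)
    if reply.dst == ROUTER_LAN:
        # Reply returns via the router, which reverses both translations.
        reply = Packet(WAN_IP, CLIENT)
    # The client only accepts a reply from the address it connected to.
    if reply.src == request.dst and reply.dst == CLIENT:
        return "connected"
    return "reply rejected by client (came from %s)" % reply.src


if __name__ == "__main__":
    cases = [("no loopback rule", False, False),
             ("destination NAT only", True, False),
             ("hairpin (destination + source NAT)", True, True)]
    for label, dnat, snat in cases:
        print("%-36s -> %s" % (label, browse(dnat, snat)))
```

The internal DNS approach from the answer avoids this path entirely: LAN clients resolve the names to the internal IP and never send traffic to the router's public address.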
