Links to Outlook Web Access

[jdc2000]

I have an Exchange Server Outlook Web Access page that I would like to be able to create a link on an Internet web page for. Ideally, I would like this link to work whether it is accessed from outside the local are network or inside the network. As things are currently set up, two links are needed. The details below outline the network setup.

Current setup:
http://mail.mydomain.com/exchange - works from outside the LAN
http://xxx.xxx.xxx.xxx/exchange - works from inside the LAN (static IP address)

The system is running SBS2003 and Exchange 2003, and is connected to the Internet through a Linksys Cable/DSL router.

I'd like to get the http://mail.mydomain.com/exchange link to work from inside the LAN if. It is probably some simple change that is needed, but I don't want to change something that enables the outside link to work from inside the LAN while breaking some other functionality. Any ideas would be appreciated. Thanks.

[Tuttle]

How many DNS servers do you have serving info for your public domain (mydomain.com), where are they (ie you or an ISP/host), and do they serve different groups (ie do some handle requests from you and some handle requests from the Internet)? Also, roughly how many something.mydomain.com records do you have, and are they fairly static?

Note that I'm not terribly interested in the servers your PCs use to look names up (that's just the SBS box), but what servers claim to be authoritative for queries about mydomain.com. I'm also assuming that the active directory domain name for your network is different to the public one (ie it's not mydomain.com).

The solution here is to rig DNS so that anyone inside your network asking for mail.mydomain.com gets the internal IP address, but to work out how I need a better picture of your existing DNS infrastructure.

[jdc2000]

Thanks for the reply. I figured a DNS change was needed, but I didn't want to mess anything up.

The SBS2003 PC is set up for mail.mydomain.com and mail.mydomain.local I have not specifically wet up any something.mydomain.com entries, so the only ones would be whatever SBS2003 setup might create automatically. It might also help to mention that while this server does host the e-mail using Exchange Server 2003, it does NOT at present host the web site. The web site hosting is outsourced at present.

[jdc2000]

After further research, it looks like I may need to add a new forward lookup zone to the DNS on the SBS2003 server. It currently has a mydomain.local zone with a mail entry under that, but no mydomain.com zone and mail entry. However, since I don't want to do anything that could end up causing problems, I'm still looking for any instructions on exactly what to change or add. Thanks.

[Tuttle]

Sorry, forgot about this one. You're right in that you need to add a mydomain.com primary zone to your internal DNS server, but you need to create sensible records for all the stuff.mydomain.com records you have. Once you create that primary zone, no queries for mydomain.com will be passed out to the servers that serve your domain's DNS info publicly.

[jdc2000]

After doing additional research, the usual suggestion to solve this problem is to set all of the internal network PC's to use ONLY the SBS 2003 DNS server as their DNS server. With this setup, DNS lookups that the SBS 2003 server does not control are passed out to other DNS servers. However, I do not want to do this since it will cause internet access to fail for all PC's on the network if the SBS 2003 server is not up and functioning properly.

A forward lookup zone would also seem to have problems. I have not created any stuff.mydomain.com records, but I don't know how many are already there as part of a standard SBS 2003 installation. Also, I don't want to create other problems while trying to solve what should be a simple problem. For example, I don't know what problems the issue listed below would cause.

Once you create that primary zone, no queries for mydomain.com will be passed out to the servers that serve your domain's DNS info publicly.

Any additional ideas on how to solve what would seem like a simple problem without creating more problems would be greatly appreciated. The address issue is a pain for those users who have laptops and travel frequently. They have to keep changing mail server and Outlook Web Access addresses depending on whether they are connected internally or not.

Thanks.

[ua549]

In a properly set up domain the DC should be set as the DNS serve for all domain members.

When folks who travel login, are they connecting to the domain (via VPN) or logging in locally and connecting to the internet via other means?

When I traveled, I used a Netsh script to adjust my location. A simple click would redefine the network connection to match each location I was at.

[jdc2000]

Thanks for the reply

I realize that Microsoft's preferred way is for the server to act as the DNS server for the domain PC's. However, that is not the best option for this particular situation. Those users off site that need access use a VPN connection. However, the majority of users only require e-mail, and that is through a POP3 connection to the Exchange Server.

Most remote users are not computer gurus - they are lucky if they know how to retrieve their e-mail. They will not want to be using any netsh scripts or other means to change settings, they just want it to work. In any case, the problem is not with remote use, it is the internal network setup that I am trying to configure so it works the same as it would for an external user for e-mail access only. This would allow mobile users to use the same settings for both internal and external connections for their e-mail access.

[ua549]

An option is to put a HOSTS file on their system the points to the correct place when they are in the office since the external DNS server will not have a reference to the .local domain.

[jdc2000]

Thanks.

I thought of that, but I would need to create a script or program to enable/disable the hosts file or entry for when they are gone. That would work OK, but they would need to remember to use it.

[ua549]

Make a HOSTS entry for mail.mydomain.com using the public IP address.
It will work from inside or outside. That is exactly how my home network is setup. The only difference is that I'm using Win2k3 Server rather than SBS.

[Tuttle]

In most SOHO cases, using the public IP address from inside the network won't work -- cheap routers generally don't do loopback NAT. That's why you either need split DNS or a way to reconfigure the mail client when you move around.

[ua549]

Work fine with my cheap home router, Netgear FVS318.

[jdc2000]

The public IP address for the mail server from inside the network gets you the router setup page (with login dialog box) on my setup.

[ua549]

Port 80 must be forwarded to to the internal IP address of the server that runs IIS and Exchange.