Jump to content

Windows 2003 Server/DNS/Web Site hosted

Deploysrs

By Deploysrs
in Windows 2000/2003/NT4

 Share

Recommended Posts

Deploysrs

Deploysrs

Posted
Posted

I have a Windows 2003 Server named (Master1) that is connected to the Windows 2003 Domain called (ferrara2) in the Office. I just configured the Master1 server with DNS installed. I also configured DNS on Master1 to host a new Domain Name by adding a Forward lookup Zone File. Everything looks like I am good with all my configurations. It looks something like this:

(SOA) ns1.example.com,webmaster.example.com

Nameserver (NS) ns1.example.com

Nameserver (NS) ns2.example.com

ns1 Host (A) 207.0.0._

ns2 Host (A) 207.0.0._

www Host (A) 207.0.0._

I also paid for the Domain Name with Network Solutions and configured the names servers to point to ns1.example.com for the primary name server. After that I configured the secondary name server to point to ns2.example.com

So my question is now how do I get my Master1 server exsposed externally to the WWW so it will respond to Network solutions domain name and then have it display my web site that installed on my Master1 Server. I have a Netgear VPN Firewall Router that is connected to a Cable modem with a static IP.

Link to comment
Share on other sites

bobbydiaz

bobbydiaz

Posted
Posted

Well you will have to make some rules in the Netgear's firewall and NAT settings. You will have to create a NAT rule pointing the Public IP of the website to the internal address. In the firewall you will want to block all incoming traffic except for the ports below.

80 - HTTP

443 - HTTPS

53 - DNS

That should do it. I am still new to this so you might want to get a second opinion! Hope i helped though.

Link to comment
Share on other sites
Deploysrs

Deploysrs

Posted
  • Author
Posted (edited)
Well you will have to make some rules in the Netgear's firewall and NAT settings. You will have to create a NAT rule pointing the Public IP of the website to the internal address. In the firewall you will want to block all incoming traffic except for the ports below.

80 - HTTP

443 - HTTPS

53 - DNS

That should do it. I am still new to this so you might want to get a second opinion! Hope i helped though.

Thanks So Much That worked, Everything is working fine now after I made change on the Router. I only pointed port 80 and thats it.

Thanks bobbydiaz and Stoic Joker for all your help....

Edited by Deploysrs
Link to comment
Share on other sites
Stoic Joker

Stoic Joker

Posted
Posted

Way to much exposure (attack surface)!

If you're just hosting a website there is no point in having to contend with the exposure of a publicly facing DNS server. Especially if it's the one that handles DNS for your internal (LAN) network (e.g. There is NO Right Way to do That!). Let Network solutions handle you public (websites) DNS, point the domain at your public IP, and close (or Do Not Open) port 53.

Port 443 is only for SSL, so if you're not using it...don't open it!

Forward port 80 to the webserver, and that's all thats needed.

Link to comment
Share on other sites
Deploysrs

Deploysrs

Posted
  • Author
Posted
Way to much exposure (attack surface)!

If you're just hosting a website there is no point in having to contend with the exposure of a publicly facing DNS server. Especially if it's the one that handles DNS for your internal (LAN) network (e.g. There is NO Right Way to do That!). Let Network solutions handle you public (websites) DNS, point the domain at your public IP, and close (or Do Not Open) port 53.

Port 443 is only for SSL, so if you're not using it...don't open it!

Forward port 80 to the webserver, and that's all thats needed.

Thanks that works.... :-)

Link to comment
Share on other sites
zunger

zunger

Posted
Posted (edited)

Depending on what ISP you're using, this may not be possible.

Follow the steps suggested above although http should be the only one needed.

You need to be able to ping your domain and resolve to your ip (for example, if your ip was 150.150.150.150 and your domain was google.com, a ping in command prompt to google.com should resolve to 150.150.150.150). Once that is done, then the domain is forwarding to the correct IP. If this is not done, then you cannot do much more on troubleshooting. You can test to see if your ISP allows it by forwarding your ports to your http server and trying to access it via ip from outside of that network.

edit: walked away for lunch and someone beat me to it!

Edited by zunger
Link to comment
Share on other sites
Deploysrs

Deploysrs

Posted
  • Author
Posted
Depending on what ISP you're using, this may not be possible.

Follow the steps suggested above although http should be the only one needed.

You need to be able to ping your domain and resolve to your ip (for example, if your ip was 150.150.150.150 and your domain was google.com, a ping in command prompt to google.com should resolve to 150.150.150.150). Once that is done, then the domain is forwarding to the correct IP. If this is not done, then you cannot do much more on troubleshooting. You can test to see if your ISP allows it by forwarding your ports to your http server and trying to access it via ip from outside of that network.

edit: walked away for lunch and someone beat me to it!

Thanks for the Help :yes:

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...