Page 1 of 1

Subdomain on a different machine needs own DNS?

Posted: Tue Feb 13, 2007 11:52 am
by RobertGonzalez
A question was brought up that I am not sure how to answer. I have set up subdomains before, but they have always been on the same box and server as the domain that the site was on. My company is looking to put our secure account management application on a subdomain of our corporate domain, but the secure site will be on a totally different server, machine and IP address than the public WWW site.

How would I set up the server (or DNS record or whatever needs to be set up) so that when a user visits http://www.mywww.com/ they get our WWW site, but when they visit https://acctmgr.mywww.com/ they get our secure account management app? We have several applications that run on our network as subdomains, and they are all on different machines, but they are local to our network (not accessible from the outside world). Any help would be appreciated.

Posted: Tue Feb 13, 2007 12:06 pm
by nickvd
You should just need to add an A record (and perhaps the reverse PTR) for the subdomain you want, and point it to the server that it sits on, if that server is private (10.x,172.16.x,192.168.x) then you will have a little more work to do :)

Posted: Tue Feb 13, 2007 12:11 pm
by RobertGonzalez
I think we did just that. We actually cannot hit the outside world IP (firewall issues) but we can hit the inside world IP, so we connect from our side of the firewall and the world connects from the other side. It's all good. Thanks for the help.

Posted: Tue Feb 13, 2007 12:16 pm
by nickvd
...?

You cannot access your (external) public website from the inside? How odd :)

Glad you got it sorted :)

Posted: Tue Feb 13, 2007 12:37 pm
by RobertGonzalez
We can access it, but our path to the server is different than from the outside. So we get to it through a different IP route.

Posted: Tue Feb 13, 2007 12:46 pm
by Kieran Huggins
I hate that - I usually modify my hosts file to compensate for "inside the firewall syndrome" (but we only have 10-15 machines to modify)

Posted: Tue Feb 13, 2007 1:07 pm
by nickvd
Assuming you run your own internal dns server, you can send the internal address to any requests coming in from the inside, and the outside address to any requests from the outside... That should solve any firewall issues.