Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Question

Moving website from internal webserver to external host

Dec 16, 2013 7:28AM PST

Okay, so my employer had a website that was created eons ago through various free/opensource products. We had the webserver onsite, prior to my time here, and as it started to become less reliable, I was asked to create a new site that would be hosted offsite.

New site has been created, domain has been pointed to it, it works very well with one little exception--you can't view it from our LAN. Outside of our network, it works beautifully.

My background is less in Networking, and more in GIS/spatial analysis, but that makes me the "tech guy" in our organization and I'm getting hammered over this. I've got the broad overview of the networking thing, but I'm far from an expert. I think the problem lies in our firewall, a Cisco ASA 5505. I think it was set up so that computers in our LAN would be routed directly to our old web server, rather than going out and back in to it.

I'm not sure how this was accomplished though, and I'm hoping some of you guys might have some suggestions as to how you would have done it (and how to undo it). From the research I've done, the easiest way to 'hairpin' it would be to configure the device to "enable traffic b/w two or more hosts connected to the same interface." This hasn't been done though, so I'm looking for other options. Any ideas or suggestions?

Discussion is locked

- Collapse -
Clarification Request
Ping your domain name
Dec 16, 2013 3:31PM PST

from the outside and the inside and see if the IP address of your web server is the same. If it's different, then find out which DNS server is being used. There's probably a record on the DNS server that points to an internal IP address that's no longer valid.

~Sovereign

- Collapse -
Answer
So it's a firewall?
Dec 16, 2013 8:12AM PST

The only good news I read here is it's a Cisco product. Cisco does have tech support so why not call it in and work with them on it?
Bob

- Collapse -
Answer
Solved!
Dec 17, 2013 1:06AM PST

Sovereign, thank you so much. I just kept getting hung up thinking it was hairpinning through the firewall somehow and needed a different perspective. Removed the forward lookup zone on the DNS and the problem was solved.