I'm managing a network for my company, which operates under the domain 'company.com' internally with a lot of domain controllers and over 500 users. I'm trying to figure out a secure way for my internal users to access our external website using just the naked domain, 'domain.com'. The challenge is that we also use 'domain.com' for our internal Active Directory. Cloudflare manages DNS for our external site. Netsh port proxy isn't a great fit for this, and I definitely don't want to set up IIS with redirects on all my domain controllers. Am I out of luck here?
1 Answer
I think I see your dilemma. Since users are trying to access 'domain.com' for both the internal and external sites, it creates a conflict. A common approach for this kind of situation is to set up a split DNS configuration. This way, internal DNS resolves 'domain.com' to your internal services while external requests go to your external site. Just ensure that your internal users are using the correct DNS server that handles this split setup. It's relatively clean once configured correctly!

Yeah, split DNS could be the way to go! Just make sure to test everything thoroughly to avoid any access issues for internal users.
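
A check to go with the split DNS advice above, added here as an example and not part of the original thread: it compares what an internal DNS server and a public resolver return for the same names, and lists client interfaces that are not pointed only at the internal servers. The internal server addresses and the `www` name are placeholder assumptions; `1.1.1.1` is used only as a public resolver for the outside view.

```powershell
# Added example. Placeholder values, not taken from the original thread.
$Zone        = 'domain.com'
$InternalDns = @('10.0.0.10', '10.0.0.11')   # hypothetical internal DNS servers
$ExternalDns = '1.1.1.1'                     # public resolver for the external view
$Names       = @($Zone, "www.$Zone")         # "www" is an assumed host name

function Get-ARecords {
    param([string]$Name, [string]$Server)
    # -DnsOnly: use the DNS protocol only (no LLMNR/NetBIOS fallback)
    $r = Resolve-DnsName -Name $Name -Type A -Server $Server -DnsOnly -ErrorAction SilentlyContinue
    @($r | Where-Object { $_.IPAddress } | ForEach-Object { $_.IPAddress } | Sort-Object)
}

function Compare-SplitDnsView {
    param([string[]]$Names, [string]$Internal, [string]$External)
    foreach ($n in $Names) {
        $in  = Get-ARecords -Name $n -Server $Internal
        $out = Get-ARecords -Name $n -Server $External
        [pscustomobject]@{
            Name       = $n
            Internal   = $in  -join ', '
            External   = $out -join ', '
            SameAnswer = (($in -join ',') -eq ($out -join ','))
        }
    }
}

function Get-NonInternalDnsClients {
    param([string[]]$Allowed)
    # Interfaces with at least one configured DNS server outside the allowed list
    Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses } |
        ForEach-Object {
            $extra = @($_.ServerAddresses | Where-Object { $_ -notin $Allowed })
            if ($extra.Count -gt 0) {
                [pscustomobject]@{
                    Interface  = $_.InterfaceAlias
                    Unexpected = $extra -join ', '
                }
            }
        }
}

Compare-SplitDnsView -Names $Names -Internal $InternalDns[0] -External $ExternalDns | Format-Table -AutoSize
Get-NonInternalDnsClients -Allowed $InternalDns | Format-Table -AutoSize
```

In an Active Directory zone the apex normally returns the domain controllers' addresses internally, so a difference on the `domain.com` row is expected. Any interface listed by the second check has a resolver configured that bypasses the internal view.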