Skip to content
Skip to main content

  • Home

JonFleming's profile
JonFleming

New Member

 • 

4 Messages

Monday, January 20th, 2014 10:00 AM

Packets don't get to my router if I use the DNS name

I have five fixed IPS and (usually) five computers hooked to them through my Fortgate 50B router with its WAN1 interface plugged into tone of the Comcast router's LAN interface.

 

I need to temporarily set up another server to process HTTPS. So I've set it up in a Server 2003 VM (happen to have a few licenses lying around). Luckily, two of the five physical machines are dedicated to RDP access and don't listen on port 443. S I set up a rule in my Fortigate to pass A.B.C.D:443 to the VM server, where A.B.C.D is the external IP of one of those two computers.

 

Let's say the VM server's name on the Internet is Name,Domain.com. If I open https://A.B.C.D I get through to my VM server and I can see the packet count for the rule I made increasing in the Fortigate. If I open https://Name.Domain.com I get "Cannot contact server" and the packet count does not increas in the FOrtigate. If I do a DNS lookup on Name.Domain.com I get A.B.C.D.

 

It looks as if packets destined to https://Name.Domain.Com aren't even getting to my router. THis is drivnig me buggy. What could be fging on?

Question

 • 

Updated 

11 years ago

1.8K

5

0

0

CC_John

Retired Employee

 • 

1.9K Messages

11 years ago

Hi JonFleming.  Base on the info from your post, there seems to be a missing or incorrect "A" record for the domain. 

 

Thank You

0

0

JonFleming

New Member

 • 

4 Messages

11 years ago

I though an A record went without saying, but I suppose you can't tell

 

C:\Users\Administrator>nslookup bq.bptc.com
Server:  nrcns.chelmsfdrdc2.ma.boston.comcast.net
Address:  68.87.71.226

Non-authoritative answer:
Name:    bq.bptc.com
Address:  177.166.43.13

 

 And fom my home computer:

 

Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Non-authoritative answer:
Name:    bq.bptc.com
Address:  177.166.43.13

 

 

0

0

JonFleming

New Member

 • 

4 Messages

11 years ago

Comcast tech support tells me that is indeed one of the IPs they are billing me for and is active. We've been using X.X.X.X thru X.X.X.X with a gateway of X.X.X.X since 2010.

IP address edited for privacy.

0

0

CC_John

Retired Employee

 • 

1.9K Messages

11 years ago

Hi JonFleming. Thanks for the additional info. The"A" record is incorrect.  The IP range 177.166.43.13 does not belong to Comcast. The gateway will only pass inbound traffic to the Comcast IP Range that is configured on the gateway.  You will need to correct the IP address  for this sub-domain on the Domain host provider's name server.

 

Thank You

0

0

JonFleming

New Member

 • 

4 Messages

11 years ago

Tech support also infomrs me that my Comcast router signal was lousy, and a reboot fixed thaat. Apparently it also had out-of-date DNS servers in it which they reprogrammed. Won't have time to test until tomorrow.

0

0