I have five fixed IPs and (usually) five computers hooked to them through my Fortigate 50B router with its WAN1 interface plugged into one of the Comcast router's LAN interfaces.
I need to temporarily set up another server to process HTTPS. So I've set it up in a Server 2003 VM (happen to have a few licenses lying around). Luckily, two of the five physical machines are dedicated to RDP access and don't listen on port 443. So I set up a rule in my Fortigate to pass A.B.C.D:443 to the VM server, where A.B.C.D is the external IP of one of those two computers.
Let's say the VM server's name on the Internet is Name.Domain.com. If I open https://A.B.C.D I get through to my VM server and I can see the packet count for the rule I made increasing in the Fortigate. If I open https://Name.Domain.com I get "Cannot contact server" and the packet count does not increase in the Fortigate. If I do a DNS lookup on Name.Domain.com I get A.B.C.D.
It looks as if packets destined to https://Name.Domain.Com aren't even getting to my router. This is driving me buggy. What could be going on?
Hi JonFleming. Based on the info from your post, there seems to be a missing or incorrect "A" record for the domain.
I thought an A record went without saying, but I suppose you can't tell
C:\Users\Administrator>nslookup bq.bptc.com
Server: nrcns.chelmsfdrdc2.ma.boston.comcast.net
Address: 188.8.131.52
Non-authoritative answer:
Name: bq.bptc.com
Address: 184.108.40.206
And from my home computer:
Server: google-public-dns-a.google.com
Address: 220.127.116.11
Non-authoritative answer:
Name: bq.bptc.com
Address: 18.104.22.168
Hi JonFleming. Thanks for the additional info. The "A" record is incorrect. The IP range 22.214.171.124 does not belong to Comcast. The gateway will only pass inbound traffic to the Comcast IP Range that is configured on the gateway. You will need to correct the IP address for this sub-domain on the Domain host provider's name server.
Comcast tech support tells me that is indeed one of the IPs they are billing me for and is active. We've been using X.X.X.X thru X.X.X.X with a gateway of X.X.X.X since 2010.
IP address edited for privacy.
Tech support also informs me that my Comcast router signal was lousy, and a reboot fixed that. Apparently it also had out-of-date DNS servers in it which they reprogrammed. Won't have time to test until tomorrow.