ProxySG & Advanced Secure Gateway

Hi Team,


There is an issue when adding the DNS Domain in the ASG, as I added the DNS of the Windows domain and then joined it, and it works well.

The issue is the website of my organization is having the same domain name of the windows domain. So once I add the DNS it will disable the website. And once I delete the DNS in the proxy, the website will work fine.
e.g. Windows domain: ABC.xyz.om ,  Wesite: ABC.xyz.om

I am not sure! Is there any conflict! And how we can solve it! And what the AD team can do from there side!

Appreciate your help,
Thanks.

Kindly any help!

@Slava  @Jacob
​​
Original Message:
Sent: 11-18-2021 12:39 AM
From: ITA ISD
Subject: DNS Issue

Hi Team,


There is an issue when adding the DNS Domain in the ASG, as I added the DNS of the Windows domain and then joined it, and it works well.

The issue is the website of my organization is having the same domain name of the windows domain. So once I add the DNS it will disable the website. And once I delete the DNS in the proxy, the website will work fine.
e.g. Windows domain: ABC.xyz.om ,  Wesite: ABC.xyz.om

I am not sure! Is there any conflict! And how we can solve it! And what the AD team can do from there side!

Appreciate your help,
Thanks.

Hello ITA, 

It would really help to get more information, such as , if this website hosted on the same domain controller as the Windows Domain ? is it hosted under the Same IP as the domain controller.
Another assumption here is , as it sounds like this website is on the LAN side , and if so , why is the LAN -> LAN traffic being sent to the proxy?
Or is this a reverse proxy scenario where its the WAN users cant access the web site, if so then , change the TCP Port on the WebSite Server so the web site is hosted on the different port other than 80 , say 88.
With the given information the issue you described "So once I add the DNS it will disable the website. And once I delete the DNS in the proxy, the website will work fine."  makes no sense unless there more to this story and more details to this scenario that are left out.

Please dont leave any details out, as that leaves a lot of room for assumption and that is not helping us at all :)

Slava
Original Message:
Sent: 11-18-2021 12:39 AM
From: ITA ISD
Subject: DNS Issue

Hi Team,


There is an issue when adding the DNS Domain in the ASG, as I added the DNS of the Windows domain and then joined it, and it works well.

The issue is the website of my organization is having the same domain name of the windows domain. So once I add the DNS it will disable the website. And once I delete the DNS in the proxy, the website will work fine.
e.g. Windows domain: ABC.xyz.om ,  Wesite: ABC.xyz.om

I am not sure! Is there any conflict! And how we can solve it! And what the AD team can do from there side!

Appreciate your help,
Thanks.

Hi @Slava

Thanks very much for your input, and sorry for the missing details, Im just learning from you guys. :)
Yes, as you said the "website hosted on the same domain controller as the Windows Domain" and the website is a public website.

AD guys have solved the issue by creating a reflecting windows domain with different domain name and it works well now. So, the issue was that the proxy was resolving the DNS of the website from the local LAN(AD) because they have the same domain name, and it was giving an error such as " The connection has time out". After changing the Domain name of the windows domain. Proxy was able to resolve the website dns from internet and it works good.

Thank you,​
Original Message:
Sent: Nov 22, 2021 09:56 AM
From: Slava Vasilasco
Subject: DNS Issue

Hello ITA,

It would really help to get more information, such as , if this website hosted on the same domain controller as the Windows Domain ? is it hosted under the Same IP as the domain controller.
Another assumption here is , as it sounds like this website is on the LAN side , and if so , why is the LAN -> LAN traffic being sent to the proxy?
Or is this a reverse proxy scenario where its the WAN users cant access the web site, if so then , change the TCP Port on the WebSite Server so the web site is hosted on the different port other than 80 , say 88.
With the given information the issue you described "So once I add the DNS it will disable the website. And once I delete the DNS in the proxy, the website will work fine."  makes no sense unless there more to this story and more details to this scenario that are left out.

Please dont leave any details out, as that leaves a lot of room for assumption and that is not helping us at all :)

Slava
Original Message:
Sent: 11-18-2021 12:39 AM
From: ITA ISD
Subject: DNS Issue

Hi Team,


There is an issue when adding the DNS Domain in the ASG, as I added the DNS of the Windows domain and then joined it, and it works well.

The issue is the website of my organization is having the same domain name of the windows domain. So once I add the DNS it will disable the website. And once I delete the DNS in the proxy, the website will work fine.
e.g. Windows domain: ABC.xyz.om ,  Wesite: ABC.xyz.om

I am not sure! Is there any conflict! And how we can solve it! And what the AD team can do from there side!

Appreciate your help,
Thanks.

Very appreciate your critical thinking and answers are very helpful.

Thank you @Slava
Original Message:
Sent: Nov 22, 2021 09:56 AM
From: Slava Vasilasco
Subject: DNS Issue

Hello ITA,

It would really help to get more information, such as , if this website hosted on the same domain controller as the Windows Domain ? is it hosted under the Same IP as the domain controller.
Another assumption here is , as it sounds like this website is on the LAN side , and if so , why is the LAN -> LAN traffic being sent to the proxy?
Or is this a reverse proxy scenario where its the WAN users cant access the web site, if so then , change the TCP Port on the WebSite Server so the web site is hosted on the different port other than 80 , say 88.
With the given information the issue you described "So once I add the DNS it will disable the website. And once I delete the DNS in the proxy, the website will work fine."  makes no sense unless there more to this story and more details to this scenario that are left out.

Please dont leave any details out, as that leaves a lot of room for assumption and that is not helping us at all :)

Slava
Original Message:
Sent: 11-18-2021 12:39 AM
From: ITA ISD
Subject: DNS Issue

Hi Team,


There is an issue when adding the DNS Domain in the ASG, as I added the DNS of the Windows domain and then joined it, and it works well.

The issue is the website of my organization is having the same domain name of the windows domain. So once I add the DNS it will disable the website. And once I delete the DNS in the proxy, the website will work fine.
e.g. Windows domain: ABC.xyz.om ,  Wesite: ABC.xyz.om

I am not sure! Is there any conflict! And how we can solve it! And what the AD team can do from there side!

Appreciate your help,
Thanks.