Not able to use external DNS

We're having a problem of not being able to use any external DNS, like Google's 8.8.8.8, as our DNS server; only our internal DNS works fine.

We have 2 DCs, both DNS servers (Server 2008 R2).

When I change the DNS setting statically on any of our clients to an external DNS, it won't be able to resolve any names or open websites, but it works fine with our internal DNS servers. I want to figure out what could cause this issue. I checked the configuration on our router and there were no settings restricting DNS.

Do you have any idea what could cause that?

 
August 21st, 2013 1:49am

Hi,

Firstly, you can check whether you have any group policies forcing the use of the internal DNS.

If not, please do more tests:

Ping an external DNS server by its IP address.

Assign an external DNS server to the client, then use tracert domain name. You can see where request packets go or where they stop.

Do the same with the internal DNS assigned and compare the difference.

In addition, you can use nslookup to troubleshoot the issue.

Hope this helps.

August 21st, 2013 7:16am

  With Active Directory installed you should not use an external DNS server on a client, even as a secondary address. Set the local DNS on your servers to forward to an external DNS service. They will then resolve external URLs for themselves and for their clients.

  The clients need to use the local DNS because it is the only DNS which can resolve domain resources for them.

  
August 21st, 2013 7:36pm

I would follow Bill's advice, but on the other hand, if you use 8.8.8.8 on a local computer and that does not resolve anything, I would think a firewall rule restricts DNS use (port 53).

Without changing anything, try this in a Command Prompt window:

nslookup<enter>
server 8.8.8.8<enter>
google.com<enter>

Let us know the result. A fail would mean it's blocked (in the computer or in the router).

August 21st, 2013 9:18pm
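
The port 53 check suggested in the post above, as an added PowerShell example that is not part of the thread: it sends one hand-built DNS query to each resolver over UDP/53 and also tries a TCP/53 connection (a step beyond the nslookup test), so the internal and external results can be compared side by side. The function names are hypothetical and 192.0.2.53 is a placeholder for the internal DNS server's address.

```powershell
# Added example, not from the thread. Uses only .NET socket classes.
function New-DnsQuery([string]$Name) {
    # 12-byte header: ID 0x1234, flags 0x0100 (recursion desired), QDCOUNT = 1
    [byte[]]$packet = 0x12, 0x34, 0x01, 0x00, 0x00, 0x01, 0, 0, 0, 0, 0, 0
    foreach ($label in $Name.TrimEnd('.').Split('.')) {
        $packet += [byte]$label.Length                       # length-prefixed label
        $packet += [System.Text.Encoding]::ASCII.GetBytes($label)
    }
    $packet += [byte[]](0, 0, 1, 0, 1)                       # root label, QTYPE = A, QCLASS = IN
    return ,$packet
}

function Test-DnsUdp([string]$Server, [string]$Name = 'google.com', [int]$TimeoutMs = 3000) {
    $udp = New-Object System.Net.Sockets.UdpClient
    $udp.Client.ReceiveTimeout = $TimeoutMs
    try {
        $query = New-DnsQuery $Name
        [void]$udp.Send($query, $query.Length, $Server, 53)
        $from = New-Object System.Net.IPEndPoint([System.Net.IPAddress]::Any, 0)
        $reply = $udp.Receive([ref]$from)
        # Low 4 bits of header byte 3 are the RCODE (0 = NoError, 2 = ServFail, 3 = NXDomain)
        return "answered by $($from.Address), RCODE $($reply[3] -band 0x0F)"
    } catch {
        # A timeout means the query or its reply was dropped somewhere on the path
        return "no answer: $($_.Exception.GetBaseException().Message)"
    } finally { $udp.Close() }
}

function Test-DnsTcp([string]$Server, [int]$TimeoutMs = 3000) {
    $tcp = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $tcp.BeginConnect($Server, 53, $null, $null)
        if ($pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            $tcp.EndConnect($pending)    # throws if the connection was refused or reset
            return 'port open'
        }
        return 'connect timed out'
    } catch {
        return "connect failed: $($_.Exception.GetBaseException().Message)"
    } finally { $tcp.Close() }
}

# 192.0.2.53 is a placeholder for the internal DNS server; 8.8.8.8 is the resolver named in the thread
'192.0.2.53', '8.8.8.8' | ForEach-Object {
    New-Object PSObject -Property @{ Server = $_; Udp53 = Test-DnsUdp $_; Tcp53 = Test-DnsTcp $_ }
} | Format-List Server, Udp53, Tcp53
```

If the internal server answers while 8.8.8.8 times out on both UDP and TCP, outbound port 53 from the client is being filtered, either on the computer or at the router as the post says.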

Agree with Bill: if you're using AD you should not use an external server on a client.

Since you want to find out the issue, Daniel has a good solution.

Do a tracert, so you can check where the packet is dropped.

Or you can disable the AV or any internet security software on the client PC.

Check firewall configuration also.

Good luck!

August 22nd, 2013 6:12am

This topic is archived. No further replies will be accepted.
