Internal Users Cannot Access Public Website After DNS Change

Modified on Wed, 23 Jul at 4:04 PM

Description

After updating public DNS records (e.g., moving a company website to a new web host), internal users report they cannot access the website from inside the corporate network. External users report no issues.


Symptoms


Website returns "Page cannot be displayed" or redirects to the old IP.


Internal DNS resolves the site to an outdated IP.


Flushing DNS on the client does not resolve the issue.


nslookup shows different results for internal vs. external queries.


Root Cause

In a split-brain DNS configuration, internal and external DNS servers handle the same domain differently, which can leave cached or stale A records on the internal DNS server. If internal DNS zones aren't updated alongside external ones, users inside the network will resolve outdated addresses.


Resolution Steps


Check Internal DNS Zones


On your internal DNS server (usually a domain controller), check if there is a zone for the public domain (e.g., company.com).


Look under Forward Lookup Zones for internal A or CNAME records for the affected domain.


Remove or Update Internal A Records


If the internal zone is required, update the A record to match the new external IP address.


If the internal zone is unnecessary, consider deleting the zone and allowing internal users to use public DNS.


Flush DNS on Clients


Instruct users to flush local DNS caches.


Restart the affected machines or manually flush via the network adapter settings.


Update DHCP or Group Policy DNS Settings


If clients are using internal DNS but also require external resolution, ensure forwarders are correctly configured.


Verify internal DNS can resolve external names without stale overrides.


Test from Multiple Locations


Check behavior from multiple internal VLANs or remote workers via VPN.


Use nslookup from internal systems and compare results with public DNS tools like Google DNS (8.8.8.8).


Verification


Confirm that the correct IP is resolved from internal networks.


Test website access via browser and command-line tools.


Monitor DNS logs for incorrect cache entries or resolution failures.


Follow-up


Document any internal DNS zones that duplicate public domains.


Set up DNS monitoring to alert on mismatched internal/external records.


Train staff on managing dual DNS configurations or recommend conditional forwarders.
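
The nslookup comparison from "Test from Multiple Locations" and the mismatch alert suggested under Follow-up can be combined in one check. The following PowerShell is an added example, not part of the original article; the function name Compare-SplitDnsRecord is hypothetical, 10.0.0.10 is a placeholder for your internal DNS server, and company.com / www.company.com stand in for the affected names.

```powershell
# Added example: compare A records from the internal DNS server with a public resolver.
# Assumptions: 10.0.0.10 is a placeholder internal DNS server address; company.com and
# www.company.com are placeholder names. Compare-SplitDnsRecord is a hypothetical helper.
function Compare-SplitDnsRecord {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string[]]$Name,
        [Parameter(Mandatory)][string]$InternalServer,
        [string]$PublicServer = '8.8.8.8'
    )

    foreach ($n in $Name) {
        $answers = @{}
        foreach ($server in $InternalServer, $PublicServer) {
            try {
                # -DnsOnly skips LLMNR/NetBIOS; -NoHostsFile ignores local hosts-file overrides.
                $answers[$server] = @(
                    Resolve-DnsName -Name $n -Type A -Server $server -DnsOnly -NoHostsFile -ErrorAction Stop |
                        Where-Object { $_.Type -eq 'A' } |
                        Select-Object -ExpandProperty IPAddress |
                        Sort-Object -Unique
                )
            } catch {
                # NXDOMAIN, timeout or refusal: record "no answer" instead of aborting the run.
                $answers[$server] = @()
                Write-Warning "$n via ${server}: $($_.Exception.Message)"
            }
        }

        $internal = $answers[$InternalServer]
        $public   = $answers[$PublicServer]
        [pscustomobject]@{
            Name     = $n
            Internal = $internal -join ','
            Public   = $public -join ','
            # Match only when the internal server answered and both address sets are identical.
            Match    = ($internal.Count -gt 0) -and (($internal -join ',') -eq ($public -join ','))
        }
    }
}

# When saved as a .ps1 and run from a scheduled task or monitoring agent,
# a non-zero exit code signals that at least one name is mismatched.
$results = Compare-SplitDnsRecord -Name 'company.com', 'www.company.com' -InternalServer '10.0.0.10'
$results | Format-Table -AutoSize
if ($results | Where-Object { -not $_.Match }) { exit 1 }
```

Names served through a CDN or geo-aware load balancer can legitimately return different addresses to different resolvers, so review a mismatch before treating it as a stale record. Names that are intentionally internal-only will also show as mismatched and should be left out of the list.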

