Objective
To resolve `https://venio.acme.net/VenioWeb/OnDemand/` to the machine hosting VenioWeb and VenioOnDemand with an internal IP ( just for an example, 172.31.32.33) on your Active Directory domain `acme.net`, you will need to create a DNS record on your internal DNS server.
This will allow you to setup a system where users must either be connected to your internal network, or first connect to your organization's VPN service in order to access Venio OnDemand.
Here are the general steps to follow:
Windows Server:
Login to your domain controller server as a domain admin.
1.Open the DNS manager. You can access this by typing `dnsmgmt.msc` into the Run dialog box (`Win + R`).
2. In the DNS Manager, expand the server name, expand `Forward Lookup Zones`, and then right-click on the domain where you want to add the record (`acme.net`), and select `New Host (A or AAAA)...`.
3. In the `New Host` dialog box, in the `Name` field, type the name of the new host (e.g., `venio`). The fully qualified domain name (FQDN) will auto-fill.
4. In the `IP address` field, type the IP address of the host you are pointing to (`172.31.32.33`).
5. Check the `Create associated pointer (PTR) record` box if you want to create a PTR record in the corresponding reverse lookup zone (if it exists).
6. Click `Add Host`. If you receive the following message Warning: The associated pointer (PTR) record cannot be created, probably because the referenced reverse lookup zone cannot be found. This message means that the reverse lookup zone does not exist in your DNS configuration. A reverse lookup zone is a DNS zone that is used to convert IP addresses into hostnames, which is the opposite of what standard (forward lookup) DNS zones do.
You can safely ignore this warning if you do not need to resolve IP addresses to hostnames on your network. Most of the time, PTR records are not required for general network operations.
However, if you want to set up a reverse lookup zone, you can follow these steps (for Windows DNS server):
1. Open DNS Manager. You can access this by typing `dnsmgmt.msc` into the Run dialog box (`Win + R`).
2. In the DNS Manager, right-click `Reverse Lookup Zones` and then click `New Zone...`. The New Zone Wizard will open.
3. Click `Next` to bypass the welcome screen.
4. On the `Zone Type` page, select the type of zone that you want to create. For most applications, you'll want to create a `Primary zone`.
5. On the `Active Directory Zone Replication Scope` page, choose where you want the zone data to be stored.
6. On the `Reverse Lookup Zone Name` page, select `IPv4 Reverse Lookup Zone` or `IPv6 Reverse Lookup Zone`, as appropriate for your network.
7. On the `Reverse Lookup Zone Name` page, type the network ID for the network that you're configuring.
8. On the `Dynamic Update` page, select whether you want to use dynamic updates. (I recommend not using dynamic updates at all)
9. On the `Completing the New Zone Wizard` page, review your settings and then click `Finish`.
After you have created the reverse lookup zone, you should be able to create the PTR record along with the A record. If you're doing this manually, remember that the name of the PTR record is the reverse of the IP address, followed by `.in-addr.arpa`. For instance, for the IP address `172.31.32.33`, the PTR record would be `32.31.172.in-addr.arpa`.
Considerations:
Whatever DNS name you choose (in this example venio.acme.com), you must update the SQL server VenioPCD database table tbl_pj_ControlSettings accordingly. Follow this guide: https://support.veniosystems.com/hc/en-us/articles/12365605447059-Feature-Flags-in-Control-Setting-table-tbl-pj-ControlSetting
The SSL certificate for `https://venio.acme.net/` needs to be valid and configured correctly. It might need to be reissued or a wildcard certificate might need to be used depending on your setup. Follow this guide for additional information regarding SSL certificates: https://support.veniosystems.com/hc/en-us/articles/16779304209043-SSL-Certificates
Please note: These are the general steps and might be different based on the operating system and the DNS server. If your network has a different setup, the steps might need to be adjusted accordingly.
Also remember, the changes you make on the DNS server would be internal and may not reflect on the internet DNS servers. If you want to make the `venio.acme.net` accessible from the internet, you will have to add the `A` record on the internet DNS servers.
Always make sure to follow your organization's IT policies when making changes to network configurations.
Comments
0 comments
Please sign in to leave a comment.