Can't connect to website from internal network

Support
1

My site, bfna.netlify.app, is accessible from anywhere on the internet EXCEPT for the company’s internal network (which has the bfna.org domain).

To date this is what we tried:

  • updated the local DNS servers with the new www.bfna.org ip address (104.198.14.52). An NSLookup resolves it to the correct address……but still can not connect with a browser.
  • Tried adding / removing firewall rules to allow access of all packets to and from this address.
  • Using the network shell set the dns and reset the winsock.
  • Clearing the cache and ARP tables on the DNS servers.

The message we get is “server refused connection” and it ONLY happens when internal DNS servers are used to resolve the www.bfna.org domain name.

Changing the DNS servers of the internal machines to Googles DNS servers (8.8.8.8 and 8.8.4.4) allows the access from inside the network. But, of course, we lose access to the local servers.

Is there anything that would hinder a machine from the internal network of the bfna.org domain from gaining access to the website when using their internal DNS servers to resolve the ip address?

Any hints on how I can solve this problem?

2

Hey @Claudio,
This is something you’ll have to get internal IT support for, though I think your first guess was on the right track. You could try replicating internally both of the DNS records you set up at your DNS host (instead of just the one), so:

  • an A record for bfna.org to our load balancer (104.198.14.52)
  • CNAME for www.bfna.org to your Netlify site (bfna.netlify.app)

This seems to be a fairly common headache, so sharing this post in case it’s helpful:

While looking into this, I also noticed that your primary domain is bfna.org, with www.bfna.org redirecting to that. In order to get the most out of our CDN and for your visitors to get the best site performance, we recommend (though don’t require!) swapping those so that www.bfna.org is the primary domain. Here’s an article about why:
How to Set Up Netlify DNS - Custom Domains, CNAME, & Records

Hope this helps! Let us know if you’re able to resolve this or have follow-up questions.