Subject alternative name. You'll need the cert to contain both the Internet FQDN and the intranet FQDN.
Michael Dzikowski Senior Systems Engineer | Ally Technical Infrastructure - Windows Hosting [cid:[email protected]] From: [email protected] [mailto:[email protected]] On Behalf Of Brian McDonald Sent: Wednesday, February 19, 2014 11:44 AM To: [email protected] Subject: RE: [mssms] How to create DNS Record for DMZ site systems? SANs certs? Thanks, Brian ________________________________ From: [email protected]<mailto:[email protected]> To: [email protected]<mailto:[email protected]> Subject: RE: [mssms] How to create DNS Record for DMZ site systems? Date: Wed, 19 Feb 2014 16:35:53 +0000 Yeah, you're going to have a need for PKI/SSL for those site systems in the DMZ. One big gotcha that bit me in the past with IBCM is SANs certs....just a heads up, you'll need that most likely. Michael Dzikowski Senior Systems Engineer | Ally Technical Infrastructure - Windows Hosting [cid:[email protected]] From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Brian McDonald Sent: Wednesday, February 19, 2014 11:18 AM To: [email protected]<mailto:[email protected]> Subject: RE: [mssms] How to create DNS Record for DMZ site systems? Mike - thanks bud. I believe this is what I'm looking for here. My MP in the DMZ will also need to be configured for HTTPS/SSL, correct? http://support.microsoft.com/kb/324069 Thanks again, Brian ________________________________ From: [email protected]<mailto:[email protected]> To: [email protected]<mailto:[email protected]> Subject: RE: [mssms] How to create DNS Record for DMZ site systems? Date: Wed, 19 Feb 2014 16:09:04 +0000 You just need to create an A record on your public facing DNS server(s). If you have an MP in your DMZ, clients on the internet need to be able to resolve the FQDN. If you're running Microsoft DNS: http://technet.microsoft.com/en-us/library/bb727018.aspx Michael Dzikowski Senior Systems Engineer | Ally Technical Infrastructure - Windows Hosting [cid:[email protected]] From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Brian McDonald Sent: Wednesday, February 19, 2014 11:00 AM To: [email protected]<mailto:[email protected]> Subject: RE: [mssms] How to create DNS Record for DMZ site systems? I believe this is what i need: "If the site is configured for Internet-based client management, public Internet DNS servers must also be configured. Ensure that public Internet DNS servers have A records (for IPv4 addresses) or AAA records (for IPv6 addresses) for all the Internet FQDNs specified in Configuration Manager. These DNS entries must be configured with the public Internet IP addresses of your Internet-based site servers" I need to understand how to do this exactly. Can't find documentation on technet. :( Brian ________________________________ From: [email protected]<mailto:[email protected]> To: [email protected]<mailto:[email protected]> Subject: [mssms] How to create DNS Record for DMZ site systems? Date: Wed, 19 Feb 2014 09:46:54 -0600 Can someone explain to me how to create a DNS record externally for my site systems in the DMZ to see the FQDN/external DMZ name of my server? - Thanks Brian
<<inline: image001.png>>
