Join Log in
Score:0
avatar Server

After migrating to Azure DC local IIS resource sometimes times out

mg flag
HelpDeskNewbie

So a few months back I hired our CSP to migrate our on-prem DC to Azure. Since the word go, it was a disaster so I've had to go through and fix everything piece by piece and now I'm at the last part and can't seem to get this right. The issue is, every few hours, our local IIS site becomes unavailable to users on prem.

To begin, our Sonicwall is set up to inherit IPv4 DNS dynamically from the WAN and this is the DNS from our ISP. On our Azure DC, I have the static DNS set to 127.0.0.1.

I've checked Azure Health resources and theres nothing wrong there.

Clearly this is a DNS issue but is there anything anyone can think of that I haven't checked/fixed yet?

Thank you,

33
0 + 0
Score:0
avatar Server
br flag
Greg W

How are your on-prem clients expected to locate the DC in Azure when their DNS is configured to not be able to find it? Your on-prem clients’ DNS server must be the DC in Azure for this to work. A more robust solution would be to have another DC on-prem and point your on-prem clients to that for DNS. (Just don’t forget to configure sites and subnets correctly in AD).

0 + 0
mg flag
HelpDeskNewbie
Hey Greg, do you think me changing the primary DNS in Sonic wall to the Azure DC would do the trick?
0
Reply
mg flag
HelpDeskNewbie
To note, we do have a VPN within the Sonicwall to reach the Azure DC
0
Reply
br flag
Greg W
Think about it. If your DNS is the Sonicwall, then it's only using the public Internet to resolve domain names and the public Internet should have no knowledge of your AD's domain/DNS servers (if it does and your Azure DC is publicly accessible, that is extremely bad). In order for your clients to be able to use any functionality of AD, they need to be able to use DNS to resolve your AD DCs and resources, thus your clients need to point to a DNS server that knows about them, i.e. your DC if it's DNS is AD-integrated.
0
Reply
mg flag
HelpDeskNewbie
I got it. I found that the CSP added both DNS' in DHCP licenses. I removed Verizon's DNS listings as 2 & 3, and kept my Azure DC as #1, and now all is good.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.