Use DNS to resolve the problem . The name resolution service, in addition to providing a friendly name for the application (eg link ) will solve the routing problem providing customers with the proper IP according to the network the machine is on.
A common scenario is currently the case where you have an external DNS server for your public domain and an internal one for the corporate network (sometimes it is the same domain server - AD).
So, you just add an entry on the external server with the address for the application (eg link ) pointing to the IP address.
With this, all machines outside your network can already access the application through the new address, assuming that your site is published on port 80.
And then, you will need to perform an external DNS Zone transfer with your domain to the Internal, so on your internal server, the DNS entry should return the IP of the internal network to the application in question.
This will cause the priority on the DNS address to be from the internal server when the machine is on the internal network, so the address returned by the DNS will be the server's internal address.
When the computer is in the external network, the priority DNS will be the one of the WEB returning the external address.
With this, the machines will access the application by the friendly name and DNS will be in charge of providing the appropriate IP through the priority in the DNS Zone according to the network in which the machine is.
Attention:
-
You should check if your vendor for the Domain allows you
Zone transfers.
If you use other applications with external addresses in this domain, make sure that redundancy services do not provide different IPs for the site because your internal DNS will take over the zone and provide the wrong IP.
-
A load balancer sometimes does load distribution based on multiple instances of applications with different ips, check accordingly.
If you can, test zone transfers at non-business hours and check all relevant domains and subdomains.
Zone Transfer:
link
Alternatively, check your settings against Loopback (see: link ). But there are other implications, such as modifying your firewall settings and sometimes, for security, these settings are disabled. This may also require settings in different locations (multiple firewalls) and with increasing applications, using a friendly name is better in terms of maintaining and controlling the rules.
Users are generally happier as well.