1

The goal here is to alias a real domain on the wider internet with something like a fake CNAME entry (or by any other means available).

For example, suppose I want to configure the domain fake.derp to point to/be an alias for google.com. So if a user who is connected to the VPN goes to the following URL:

http://fake.derp/foo/bar

They will actually be viewing:

http://google.com/foo/bar

Whether this is an actual alias (i.e., if you visited that link in your browser, you would see "fake.derp" as the domain) or just some kind of redirect (i.e., a load balancer etc. issues a 302 from fake.derp to google.com, while maintaining the path) is of no consequence. I'm just looking for a solution to "point" a fake domain to a real one in any capacity.

I realize that differences in VPN/proxy/load balancing/etc. strategies may impact the possibilities. But is this even possible on a fundamental level?

Josh
  • 111
  • What is the real problem you're trying to solve here? And what does it have to do with VPNs? – EEAA May 26 '15 at 22:17
  • The ultimate goal is to be able to point http://go/ to our company's internal shortlink service, which is actually located at a longer (real) URL like http://linking-service.some-cluster.some-company.com/, with zero configuration for employees -- they should only need to connect to the VPN, and our internal DNS will handle the redirection. I have seen this achieved at several companies, but can't find any information on how to go about it. – Josh May 26 '15 at 22:24
  • 6
    So put DNS in place to point the go A record to a weberver, whose sole purpose is to serve requests for http://go/ and then do a 302 redirect to the end location. – EEAA May 26 '15 at 22:26
  • Will look into this solution. Thank you! You might consider making this an answer so I can potentially accept it. – Josh May 27 '15 at 01:24

1 Answers1

0

There are a couple of ways to do this:

  • /etc/hosts - add the IP for your web server to the hosts files on individual machines. This is hard to maintain, but could work for you in s small scale. It also provides more flexibility than DNS options.
  • DNS - create a go zone on your local DNS server and put an A record in there that points to your web server. By putting this on your DNS server you have central control and it is easy to change the IP in one place.
  • DNS + redirect - create a go zone again, but this time point the A record at a redirect server such as How to get apache2 to redirect to a subdirectory . The advantage of this is that your users will see the "real" URL instead of go in their URL bar.

All of this is true whether you are on a VPN or not. If the site is only accessible via VPN then the user will get an error when they do not have the VPN active.

Community
  • 1
chicks
  • 3,819
  • 10
  • 28
  • 36
  • 1
    Thank you for your answer. In this case /etc/hosts will not work as 1) the app/hostname does not have a static IP, and 2) it requires end user configuration (looking for a zero config solution). Will look into the other options. – Josh May 27 '15 at 01:23
  • any luck? @Josh – chicks Jun 21 '15 at 13:46