jkrumenacher_13
May 23, 2014

DNS change to cut over from Dev environment to Production fails

This is an odd issue and I am not sure what the best action is to determine the root cause of this trouble.

 

Environment is 2 Viprions, each with DMZ and DMZDV (development) guest.

 

Scenario - In DMZDV we built a DEV Exchange environment with APM and LTM, where the DMZDV APM provides secure remote access to the CAS. A DNS entry was created, devexchange.test.com 200.200.200.1. After testing was complete, the mirror environment was built in DMZ. After minor testing via IP address, the DNS entry was changed to devexchange.test.com 207.207.200.110 (TTL = 1 min). This way there are no changes to testers' phones. The change seemed very transparent to the testing team for about 3 hours.

 

Trouble – 3 hours later calls started coming in regarding our production Exchange environment (to be clear, this environment is not part of the testing in the scenario above – mail.company.com 12.30.129.150). The DNS entry was backed out. Complaints that our VPN was no longer working started coming in as well. The decision was made to fail over the DMZ environment to the standby guest. With that, all the issues, VPN and production email, were resolved.

 

Not understanding how these changes impacted those systems, a day later and late in the evening we repeated the test, with the same results. This time we backed out the DNS change and waited longer to see if VPN and mail would come back, but after 30 min. with no change to either we failed over the DMZ guests and both cleared up. During this second test we did notice another symptom that pointed to authentication issues (maybe AD?) but our SAML environments did not function either.

 

We then added a new DNS entry, newtest.test.com 207.207.200.110, and switched up the phones in the test group, and have been running as expected. A requirement is not to have to hit all phones, as we are a global organization.

 

Any thoughts?

 

Thanks, Jkrum