Solved

Microsoft DNS Question

Posted on 2004-04-22
11
163 Views
Last Modified: 2010-04-13
I have my domain controller running as my internal DNS.  This works just fine.  I also have a Routing and Remote Access service running on the same machine which my company uses in order to VPN into the network.  Here is my problem:

Inside my network, this works:

ping server1.my_domain.my_company.com
It Replies:  192.168.1.6, which is correct

While VPN'd into my network, it doesn't work:

ping server1.my_domain.my_company.com
It Replies:  A real IP address from my service provider

I tried doing a tracert on it, and it seems that it goes to my Routing and Remote access server, which is also my DNS server, but then it gets forwarded to the network's default gateway of 192.168.1.1.  After that it tries to resolve that domain on the internet, which of course will not work.

I guess my question is how do I tell my DNS server that this is an internal server?  I have an entry in the forward lookup zone for this server:

server1           192.168.1.6

I just can't figure out how to tell my internal DNS server how to resolve server1.my_domain.my_company.com

Any help would be appreciated.  Thanks!
0
Comment
Question by:barthalamu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 22

Expert Comment

by:Christopher McKay
ID: 10894839
Hi barthalamu,
You need to enter a pointer in your DNS that says:

server1.my_domain.my_company.com         192.168.1.6

Hope this helps!

:o)

Bartender_1
0
 

Author Comment

by:barthalamu
ID: 10894942
I tried creating a PTR record, but it does not seem to help.  It will not allow me to enter an IP address.  I created a record that looks like:

Name:                    Data:
--------                   -------
server1                   server1.my_domain.my_company.com


Is this correct?  I also tried clearing the cache.

Thanks.
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 10895283
What IP address are the VPN clients getting?  In the VPN client what IP do you have configured for DNS?
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 7

Expert Comment

by:PaulADavis
ID: 10904677
try enabling ip routing on the ip tab of the rras server properties....
0
 

Author Comment

by:barthalamu
ID: 10910072
MSGeek:

The RRAS service is giving out the range of:
192.168.1.201 - 192.168.1.215

Here is a sample of what the RRAS is giving out to a client when connected:  ( ipconfig /all )
IP Address. . . . . . . . . . . . : 192.168.1.202
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.1.202
DNS Servers . . . . . . . . . . . : 192.168.1.5
                                            64.81.45.2
Primary WINS Server . . . . . . . : 192.168.1.8

The 192.168.1.5 is my internal DNS server.

PaulADavis:
I do have this enabled.  Thanks.

Thank to both for the help.
0
 

Author Comment

by:barthalamu
ID: 10910080
MSGeek:

The RRAS service is giving out the range of:
192.168.1.201 - 192.168.1.215

Here is a sample of what the RRAS is giving out to a client when connected:  ( ipconfig /all )
IP Address. . . . . . . . . . . . : 192.168.1.202
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.1.202
DNS Servers . . . . . . . . . . . : 192.168.1.5
                                            64.81.45.2
Primary WINS Server . . . . . . . : 192.168.1.8

The 192.168.1.5 is my internal DNS server.

PaulADavis:
I do have this enabled.  Thanks.

Thank to both for the help.
0
 

Author Comment

by:barthalamu
ID: 10910082
sorry about the double post.
0
 
LVL 9

Accepted Solution

by:
MSGeek earned 500 total points
ID: 10912046
bathalamu.. change RRAS so the client does not receive a default gateway when connected.  They will not be able to surf the web, but do you want them doing so from an unsecured location?

The other solution would be to go with something a little more secure.  Depending on the number of users you have a Cisco PIX 501 or 506E with the Cisco VPN client will give you 3DES encryption and a sure tunnel  MSGeek
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article describes how to import Lotus Notes Contacts into Outlook 2016, 2013, 2010 and 2007 etc. with a few manual steps. You can easily export and migrate Lotus Notes contacts into Microsoft Outlook without having to use any third party tools.
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question