Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Microsoft DNS Question

Posted on 2004-04-22
11
154 Views
Last Modified: 2010-04-13
I have my domain controller running as my internal DNS.  This works just fine.  I also have a Routing and Remote Access service running on the same machine which my company uses in order to VPN into the network.  Here is my problem:

Inside my network, this works:

ping server1.my_domain.my_company.com
It Replies:  192.168.1.6, which is correct

While VPN'd into my network, it doesn't work:

ping server1.my_domain.my_company.com
It Replies:  A real IP address from my service provider

I tried doing a tracert on it, and it seems that it goes to my Routing and Remote access server, which is also my DNS server, but then it gets forwarded to the network's default gateway of 192.168.1.1.  After that it tries to resolve that domain on the internet, which of course will not work.

I guess my question is how do I tell my DNS server that this is an internal server?  I have an entry in the forward lookup zone for this server:

server1           192.168.1.6

I just can't figure out how to tell my internal DNS server how to resolve server1.my_domain.my_company.com

Any help would be appreciated.  Thanks!
0
Comment
Question by:barthalamu
11 Comments
 
LVL 22

Expert Comment

by:Christopher McKay
ID: 10894839
Hi barthalamu,
You need to enter a pointer in your DNS that says:

server1.my_domain.my_company.com         192.168.1.6

Hope this helps!

:o)

Bartender_1
0
 

Author Comment

by:barthalamu
ID: 10894942
I tried creating a PTR record, but it does not seem to help.  It will not allow me to enter an IP address.  I created a record that looks like:

Name:                    Data:
--------                   -------
server1                   server1.my_domain.my_company.com


Is this correct?  I also tried clearing the cache.

Thanks.
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 10895283
What IP address are the VPN clients getting?  In the VPN client what IP do you have configured for DNS?
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 7

Expert Comment

by:PaulADavis
ID: 10904677
try enabling ip routing on the ip tab of the rras server properties....
0
 

Author Comment

by:barthalamu
ID: 10910072
MSGeek:

The RRAS service is giving out the range of:
192.168.1.201 - 192.168.1.215

Here is a sample of what the RRAS is giving out to a client when connected:  ( ipconfig /all )
IP Address. . . . . . . . . . . . : 192.168.1.202
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.1.202
DNS Servers . . . . . . . . . . . : 192.168.1.5
                                            64.81.45.2
Primary WINS Server . . . . . . . : 192.168.1.8

The 192.168.1.5 is my internal DNS server.

PaulADavis:
I do have this enabled.  Thanks.

Thank to both for the help.
0
 

Author Comment

by:barthalamu
ID: 10910080
MSGeek:

The RRAS service is giving out the range of:
192.168.1.201 - 192.168.1.215

Here is a sample of what the RRAS is giving out to a client when connected:  ( ipconfig /all )
IP Address. . . . . . . . . . . . : 192.168.1.202
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.1.202
DNS Servers . . . . . . . . . . . : 192.168.1.5
                                            64.81.45.2
Primary WINS Server . . . . . . . : 192.168.1.8

The 192.168.1.5 is my internal DNS server.

PaulADavis:
I do have this enabled.  Thanks.

Thank to both for the help.
0
 

Author Comment

by:barthalamu
ID: 10910082
sorry about the double post.
0
 
LVL 9

Accepted Solution

by:
MSGeek earned 500 total points
ID: 10912046
bathalamu.. change RRAS so the client does not receive a default gateway when connected.  They will not be able to surf the web, but do you want them doing so from an unsecured location?

The other solution would be to go with something a little more secure.  Depending on the number of users you have a Cisco PIX 501 or 506E with the Cisco VPN client will give you 3DES encryption and a sure tunnel  MSGeek
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Active directory user account audit 4 736
Remote Access to a Windows 2000 Computer 2 508
Application Deployment - Simple 7 652
Windows 2000  Domain controller 3 500
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question