jmarenghi

DNS in an AD Site

I have set up a domain controller in a remote plant as a site and subnet in AD. I have a VPN link between the two. I'm running DNS in the remote site with forwarders to the ISP's DNS servers. Here's the gig... I can ping by server name from both sides of the tunnel, so I guess DNS is set up OK. My domain (mydomain.com) is the same address used to hit our site for a Citrix logon from the outside world. On my network back home I have an A record to point to the IP of the web server so that internal traffic as well can hit the site www.mydomain.com. I need this same functionality in the new site. Back at home I can dump the local IP of the web server in IE and the NFuse logon page resolves. How come when I do that from the remote site it does not resolve? The IPsec tunnel should be wide open, right? Do I need to alter DNS on this side of the tunnel as well?

Any help is much appreciated

JConchie

Assuming that the local machines in the remote site are pointed at the local DNS, rather than the home office one, yes, you do. If the VPN is functioning properly, you are essentially on the same LAN at both sites. Try this:

Delete the zones on the new DNS, then set up your home office DNS server as Active Directory Integrated. Then, once that is done, delete the zones on your new DNS and set it up as AD Integrated. That has two effects: it will give you exactly the same entries in both DNS servers, and it will also substantially reduce your replication overhead.

The other alternative is to install a lmhosts file on the machines in the remote site.


jmarenghi

ASKER

Thank you very much... Both DNS servers were set up as AD integrated. I poked around and found that the config on my WatchGuard 1000 at the home office was the problem. The tunnel was set up OK but was killing traffic on the trusted network. Now everything is cruising and the DCs between sites are replicating as well.

Thanks again,
JDM
No objections.
Venabili, I appreciate the questioner awarding me points, but given that the solution was one he found himself, and my answer didn't fit, you should probably change this to your original recommendation: PAQ with points refunded.
Regards,
J