DotFoil

Name Resolution fails over Netgear Firewall Point to Point VPN

OK,

So we have two Netgear firewalls that are running a hardware VPN per the instructions here:
http://kbserver.netgear.com/inquira/default.asp?ui_mode=answer&prior_transaction_id=2069&action_code=5&highlight_info=16777291,10,19&turl=http%3A%2F%2Fkbserver.netgear.com%2Fkb_web_files%2FN101499.asp&answer_id=206905334#__highlight

I realize this is very similar to the question we had recently asked, please bear with me.

The central location is where the domain\DNS (Win 2003 server) server is being hosted, and I know the tunnel is working because I can ping the server's IP address, and even access shared resources via \\<serverIP>. However, when I try to access resources via \\<serverName>, everything falls apart.

I have configured the DNS servers on the satellite firewall to be the server's IP address.  When I do an nslookup from a remote machine I get no response from the server.  However, DNS is running and processes requests locally no problem.

I have enabled NetBIOS on a remote test machine.

The other weird thing is that I can browse the web from this remote machine, with the only DNS entry being the server, so it seems certain DNS requests are being responded to.

Some other info that might be helpful:
central office lan IP: 192.168.1.
satellite office LAN IP: 192.168.2.x

I'd be happy to answer any questions.
ASKER CERTIFIED SOLUTION
Rob Williams
DotFoil

ASKER

Hmm,

1. So using the server IP does work, and we may just have to set this up with login scripts because name resolution is just not working.
2. I have not tried using the LMHosts, mostly because this is for an office that is 45 minutes away and it would be ridiculous to try and maintain that kinda list.
3. & 4. I have tried to use WINS with no luck.
5. I have manually configured the DNS entries on the firewall, and individually for each machine; still I fail to resolve any kind of name (server name or FQDN), even though I can ping the server, and locally on the server I can resolve anything I want.
6. Oops.

OK, so I found the error. There was a rule in the firewall forwarding all DNS requests to the server. I'm not sure why it conflicted with the tunnel, but obviously it did. Tunnel works, server names resolve, mapped network drives work.

All is well now.
Glad you were able to get it working DotFoil.
thanks,
--Rob
DotFoil

ASKER

Yeah,

Thanks for your help. I just returned from the client, and it seems it actually needed WINS added to the remote machine adapter.
If WINS is an option it is usually the most dependable over VPNs, not sure why. If you get into the high end WatchGuards, SonicWall, CheckPoint and Cisco units I find DNS resolution works great.
Thanks for the update,
--Rob
DotFoil

ASKER

I'd love to get it resolving using DNS. I would think the way it's set up would allow DNS to resolve, but maybe I'm missing something on the server.  DNS just times out when performing nslookup remotely, but it functions fine locally.  Maybe I have more firewall misconfiguration to sort out, but for now WINS will work just fine.

Again thanks for your help, if you have any other suggestions to try please let me know.  Thanks!
If I come up with any other ideas I will be sure to let you know. I am surprised "adding the remote DNS server to your local DNS servers in your network card's TCP/IP configuration" didn't work.

Thanks,
--Rob