Secondary DNS on Untrusted Domain

Posted on 2006-03-27
Last Modified: 2010-04-18

I have a client who has several locations with VPN connections to their main location. Each of the other locations has its own domain and DNS server (a single Windows 2003 server). They have each workstation at these sites checking email on a server at the main site via VPN client software and POP3.

I want them to be able to ping and access servers at the main location by name. I want to set up a secondary (slave) DNS zone there so that they can do this without having the VPN software on their machines and just going through their nearly untouched local servers.

I tried setting up a secondary zone but when it goes to download for the first time it errors out saying I need to do something on the master zone server.

Any direction would help.

Question by: hydrazi

    Expert Comment

    On your main server you have to add the secondary DNS server's IP in the 'Zone Transfers' tab.

    Did you get any other errors (check logs) access denied or unable to find the server name?

    Expert Comment

    Hi hydrazi,

    What stops you making the zones AD integrated and allowing them to replicate through AD?


    Accepted Solution


    Another thing to check is that TCP port 53 can pass through any firewalls; normal DNS queries use UDP. Zone transfers, however, will use TCP.

    To test, use NSLOOKUP and type ls -d; this "tests" a zone transfer. Be sure to perform this from the IP address you had set on the allow zone transfer tab.
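
Added example, not part of the original thread: a Python check that separates the two causes raised above, TCP 53 blocked by a firewall versus the master refusing the transfer because the secondary's IP is not on the Zone Transfers allow list. The function names and diagnosis strings are illustrative assumptions; run it from the secondary server against your own master and zone.

```python
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED", 9: "NOTAUTH"}

def build_axfr_query(zone, txid=0x1234):
    """Build a TCP-framed DNS query with QTYPE=AXFR (252), QCLASS=IN (1)."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)
    labels = zone.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    msg = header + qname + struct.pack("!HH", 252, 1)
    return struct.pack("!H", len(msg)) + msg  # DNS over TCP uses a 2-byte length prefix

def parse_header(msg):
    """Return (rcode name, answer count) from an unframed DNS message."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    _txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return RCODES.get(flags & 0x0F, "RCODE%d" % (flags & 0x0F)), ancount

def diagnose(rcode, ancount):
    """Map the first response message to a next step (hypothetical wording)."""
    if rcode == "NOERROR" and ancount > 0:
        return "transfer allowed"
    if rcode == "REFUSED":
        return "master refused: check the Zone Transfers allow list"
    return "unexpected reply: " + rcode

def recv_exact(sock, n):
    """Read exactly n bytes or raise if the server closes the connection."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("connection closed by server")
        buf += chunk
    return buf

def check_zone_transfer(master_ip, zone, timeout=5.0):
    """Run from the secondary so the master sees the allowed source IP."""
    try:
        with socket.create_connection((master_ip, 53), timeout=timeout) as s:
            s.sendall(build_axfr_query(zone))
            (length,) = struct.unpack("!H", recv_exact(s, 2))
            return diagnose(*parse_header(recv_exact(s, length)))
    except OSError as exc:  # timeout, refused, reset, or closed without a reply
        return "TCP 53 failed (%s): check firewalls first" % exc
```

Only the first response message is inspected, which is enough to tell whether the transfer was permitted; the records themselves are not parsed.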

