• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 264
  • Last Modified:

Group Policy to set DNS Client settings for VPN users??

When users connect to our Windows VPN they receive an IP from the RAS server (Windows Server 2003).  As such, DHCP is not in effect so the settings to Register the connection with DNS and to use specific DNS servers are not available.  There are Administrative Templates for the generic DNS Client connection settings, but I'm not sure how to apply this to RAS clients only or if I can "publish" a VPN connection/icon with these settings pre-configured.

Currently some of our apps are not functioning because they require lookups that now fail.  Does anyone know how to deal with this via Group Policy or another means?
0
marcperez
Asked:
marcperez
  • 3
  • 2
1 Solution
 
adamdrayerCommented:
You can pass DHCP scope options from your normal DHCP server to RAS clients

How to Use DHCP to Provide Routing and Remote Access Clients with Additional DHCP Options
http://support.microsoft.com/?kbid=232703

0
 
marcperezAuthor Commented:
This currently takes place - the RAS server is set as a DHCP Relay Agent.  The issue is not what the clients are receiving, but what they are not sending: they don't register their records in DNS at connection, so anything doing a lookup (not VPN client to host, but from some internal host back to the client) fails.
0
 
adamdrayerCommented:
It should register.  In the properties for the VPN connection on the client, goto the TCP/IP properties and click the advanced button.  Then go to the DNS tab.  Is "register this connection in DNS" checked?  It should be.  You may also need to check the box below it: "use this connections suffix..." or something like that.  Experiment with and without this last one.
0
 
marcperezAuthor Commented:
Agreed - that is the fix, but that's a manual fix.  The question is whether or not there's an alternative method to address this issue with the 65% of our company that is remote.  The manual fix will literally require about 300 individuals to make these changes to the TCP/IP properties of the VPN Connection - I'd like to find a way to address this globally if possible.
0
 
adamdrayerCommented:
So you said originally that those settings(Register this connection...) were not available because you were not using DHCP, but now you say that you ARE relaying DHCP optins to the RAS clients and that that 'Register this connection' IS the solution but its not good enough because its turned off on too many clients?

Dynamic DNS (DDNS) is actually a function of DHCP and takes place before any group policy is processed, so therefore I don't believe you can accomplish setting this option through a GPO, but I do believe that 'IPCONFIG /registerdns' would work and can be inserted into the startup script for the computers in question.  Possibly the login script, but It's probably better off in the startup script if possible.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now