Solved

Server 2003 VPN DHCP Question

Posted on 2006-10-23
10
367 Views
Last Modified: 2010-03-19
If I have one DC configured to give out DHCP but my  VPN comes in on a different DC.  How do I tell the VPN DC where the DHCP server is?
0
Comment
Question by:hmcnasty
  • 5
  • 3
  • 2
10 Comments
 
LVL 7

Expert Comment

by:knightrider2k2
ID: 17791337
If it is on the same subnet then you do not need to specify anything. If the dhcp server is on a different subnet then you can specify the DHCP relay agent under the IP Routing
0
 

Author Comment

by:hmcnasty
ID: 17791400
That's weird. That's what I thought.  Their on the same subnet but when I VPN in I get on of those bogus ip addesses.  I mean it still works and everything but it's not getting the IP from the DHCP server.
0
 

Author Comment

by:hmcnasty
ID: 17791405
When I specify it in Ip Routing.  Do I use the one in NAT/Firewall?

0
 
LVL 7

Expert Comment

by:knightrider2k2
ID: 17792121
>Do I use the one in NAT/Firewall?

Sorry I did not understand what you mean
0
 
LVL 5

Accepted Solution

by:
megs28 earned 500 total points
ID: 17792144
It's not a good idea to call your DHCP addresses from the LAN DHCP pool when using RRAS in Windows.  It is very flakey, and you will experice issues just like this, as the DHCP server doesn't always assign an IP address to the "router/gateway" portion of the RRAS.

Do this instead:  Choose a range of IP addresses large enough for your VPN pool, and exclude them from your LAN DHCP pool.  Use this pool to dish out IP addresses instead.  Simply running though the VPN RRAS wizard (very simple) to set it up, and you'll be all set.  It will save you a lot of headaches in the long run (including restarting the RRAS service at 3am when your boss calls you from across the pond).
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 

Author Comment

by:hmcnasty
ID: 17792158
For whatever reason the  VPN server is not seeing the DHCP server so I was going to try and specify it under IP routing.  I assume you mean IP routing in RAS.  Where in IP rounting would I specify the DHCP server?
0
 

Author Comment

by:hmcnasty
ID: 17792192
megs28.

Yeah that works.  I had it like that before but I was unable to resolve netbios names.  However, for some reason it's working now.  

Thanks
0
 
LVL 5

Expert Comment

by:megs28
ID: 17792265
Ensure netbios over tcp/ip is enabled for EVERYTHING - adapter on RRAS server, network adapter on client, VPN connection on client, etc. etc.  There's always the quick and dirty way around the name resolution thing, which is a static entry in the hosts file (I'm not an advocate of this).  You can create a simple logon script to add entries that are necessary.

I don't know off the top of my head the configuration for the RRAS in 2k3 as I rarely ever have to look at the config, and I'm nowhere near a server right now.  Sorry.

FYI - RAS - Remote Access Server...RRAS - Routing and Remote Access.  Same crap, different pile (depending on the OS).
0
 

Author Comment

by:hmcnasty
ID: 17792285
Thank you

I got it to work by putting the DNS suffix in TCP/IP.  In other words it'll take the FQDN if each machine but not the netbios name.  So by inserting the suffix in there it seems to work fine. Although I woudl like to know why at some point.

Wes
0
 
LVL 5

Expert Comment

by:megs28
ID: 17792376
When you make a connection from the client side check to see if netbios over tcp/ip is enabled (ipconfig /all....don't trust how the connection is configured to give you a proper response).  If it isn't, this is why the FQDN works and the netbios name doesn't.  With my 2k3 RRAS server, I often find this issue to be a hit or a miss.....and I could never figure out exactly why even though netbios over tcp/ip was enabled on every adapter and every connection for the bloody thing.  I chalked it up to the fact that I have an NT network and 2k3 rras servers.  meh.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Port forwarding in Cisco RV215w 2 33
Extending  a subnet 9 36
NSD FAIL 2 22
Calyptix AE1200 VLAN Question 3 14
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now