Solved

Server 2003 VPN DHCP Question

Posted on 2006-10-23
10
379 Views
Last Modified: 2010-03-19
If I have one DC configured to give out DHCP but my  VPN comes in on a different DC.  How do I tell the VPN DC where the DHCP server is?
0
Comment
Question by:hmcnasty
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
10 Comments
 
LVL 7

Expert Comment

by:knightrider2k2
ID: 17791337
If it is on the same subnet then you do not need to specify anything. If the dhcp server is on a different subnet then you can specify the DHCP relay agent under the IP Routing
0
 

Author Comment

by:hmcnasty
ID: 17791400
That's weird. That's what I thought.  Their on the same subnet but when I VPN in I get on of those bogus ip addesses.  I mean it still works and everything but it's not getting the IP from the DHCP server.
0
 

Author Comment

by:hmcnasty
ID: 17791405
When I specify it in Ip Routing.  Do I use the one in NAT/Firewall?

0
Is your NGFW recommended by NSS Labs?

Ours is! NSS Labs Next Generation Firewall Test gives the WatchGuard Firebox M4600 a "Recommended" rating! Curious where your NGFW landed on the  Security Value Map? See the map and download the full report today!

 
LVL 7

Expert Comment

by:knightrider2k2
ID: 17792121
>Do I use the one in NAT/Firewall?

Sorry I did not understand what you mean
0
 
LVL 5

Accepted Solution

by:
megs28 earned 500 total points
ID: 17792144
It's not a good idea to call your DHCP addresses from the LAN DHCP pool when using RRAS in Windows.  It is very flakey, and you will experice issues just like this, as the DHCP server doesn't always assign an IP address to the "router/gateway" portion of the RRAS.

Do this instead:  Choose a range of IP addresses large enough for your VPN pool, and exclude them from your LAN DHCP pool.  Use this pool to dish out IP addresses instead.  Simply running though the VPN RRAS wizard (very simple) to set it up, and you'll be all set.  It will save you a lot of headaches in the long run (including restarting the RRAS service at 3am when your boss calls you from across the pond).
0
 

Author Comment

by:hmcnasty
ID: 17792158
For whatever reason the  VPN server is not seeing the DHCP server so I was going to try and specify it under IP routing.  I assume you mean IP routing in RAS.  Where in IP rounting would I specify the DHCP server?
0
 

Author Comment

by:hmcnasty
ID: 17792192
megs28.

Yeah that works.  I had it like that before but I was unable to resolve netbios names.  However, for some reason it's working now.  

Thanks
0
 
LVL 5

Expert Comment

by:megs28
ID: 17792265
Ensure netbios over tcp/ip is enabled for EVERYTHING - adapter on RRAS server, network adapter on client, VPN connection on client, etc. etc.  There's always the quick and dirty way around the name resolution thing, which is a static entry in the hosts file (I'm not an advocate of this).  You can create a simple logon script to add entries that are necessary.

I don't know off the top of my head the configuration for the RRAS in 2k3 as I rarely ever have to look at the config, and I'm nowhere near a server right now.  Sorry.

FYI - RAS - Remote Access Server...RRAS - Routing and Remote Access.  Same crap, different pile (depending on the OS).
0
 

Author Comment

by:hmcnasty
ID: 17792285
Thank you

I got it to work by putting the DNS suffix in TCP/IP.  In other words it'll take the FQDN if each machine but not the netbios name.  So by inserting the suffix in there it seems to work fine. Although I woudl like to know why at some point.

Wes
0
 
LVL 5

Expert Comment

by:megs28
ID: 17792376
When you make a connection from the client side check to see if netbios over tcp/ip is enabled (ipconfig /all....don't trust how the connection is configured to give you a proper response).  If it isn't, this is why the FQDN works and the netbios name doesn't.  With my 2k3 RRAS server, I often find this issue to be a hit or a miss.....and I could never figure out exactly why even though netbios over tcp/ip was enabled on every adapter and every connection for the bloody thing.  I chalked it up to the fact that I have an NT network and 2k3 rras servers.  meh.
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question