Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 383
  • Last Modified:

Server 2003 VPN DHCP Question

If I have one DC configured to give out DHCP but my  VPN comes in on a different DC.  How do I tell the VPN DC where the DHCP server is?
0
hmcnasty
Asked:
hmcnasty
  • 5
  • 3
  • 2
1 Solution
 
knightrider2k2Commented:
If it is on the same subnet then you do not need to specify anything. If the dhcp server is on a different subnet then you can specify the DHCP relay agent under the IP Routing
0
 
hmcnastyAuthor Commented:
That's weird. That's what I thought.  Their on the same subnet but when I VPN in I get on of those bogus ip addesses.  I mean it still works and everything but it's not getting the IP from the DHCP server.
0
 
hmcnastyAuthor Commented:
When I specify it in Ip Routing.  Do I use the one in NAT/Firewall?

0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
knightrider2k2Commented:
>Do I use the one in NAT/Firewall?

Sorry I did not understand what you mean
0
 
megs28Commented:
It's not a good idea to call your DHCP addresses from the LAN DHCP pool when using RRAS in Windows.  It is very flakey, and you will experice issues just like this, as the DHCP server doesn't always assign an IP address to the "router/gateway" portion of the RRAS.

Do this instead:  Choose a range of IP addresses large enough for your VPN pool, and exclude them from your LAN DHCP pool.  Use this pool to dish out IP addresses instead.  Simply running though the VPN RRAS wizard (very simple) to set it up, and you'll be all set.  It will save you a lot of headaches in the long run (including restarting the RRAS service at 3am when your boss calls you from across the pond).
0
 
hmcnastyAuthor Commented:
For whatever reason the  VPN server is not seeing the DHCP server so I was going to try and specify it under IP routing.  I assume you mean IP routing in RAS.  Where in IP rounting would I specify the DHCP server?
0
 
hmcnastyAuthor Commented:
megs28.

Yeah that works.  I had it like that before but I was unable to resolve netbios names.  However, for some reason it's working now.  

Thanks
0
 
megs28Commented:
Ensure netbios over tcp/ip is enabled for EVERYTHING - adapter on RRAS server, network adapter on client, VPN connection on client, etc. etc.  There's always the quick and dirty way around the name resolution thing, which is a static entry in the hosts file (I'm not an advocate of this).  You can create a simple logon script to add entries that are necessary.

I don't know off the top of my head the configuration for the RRAS in 2k3 as I rarely ever have to look at the config, and I'm nowhere near a server right now.  Sorry.

FYI - RAS - Remote Access Server...RRAS - Routing and Remote Access.  Same crap, different pile (depending on the OS).
0
 
hmcnastyAuthor Commented:
Thank you

I got it to work by putting the DNS suffix in TCP/IP.  In other words it'll take the FQDN if each machine but not the netbios name.  So by inserting the suffix in there it seems to work fine. Although I woudl like to know why at some point.

Wes
0
 
megs28Commented:
When you make a connection from the client side check to see if netbios over tcp/ip is enabled (ipconfig /all....don't trust how the connection is configured to give you a proper response).  If it isn't, this is why the FQDN works and the netbios name doesn't.  With my 2k3 RRAS server, I often find this issue to be a hit or a miss.....and I could never figure out exactly why even though netbios over tcp/ip was enabled on every adapter and every connection for the bloody thing.  I chalked it up to the fact that I have an NT network and 2k3 rras servers.  meh.
0

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

  • 5
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now