DNS Integration with remote sites via VPN

We have a Windows 2003 SBS hosted in the UK (192.168.240.x) and we have an overseas branch (192.168.0.x) that connects to the server via a Firewall to Firewall IKE VPN. We can join and connect to the SBS domain by putting an entry in the HOSTS file on the PC's pointing at the SBS. All computers added to the domain show in AD. What I'm trying to do if automatically add those computers into DNS. Only the servers on the 192.168.240 domain are listed in DNS on the SBS. If I manually add an A record, that doesn't appear to work either. Is there a solution to this as I would like to browse via an RDP session from the server to one of the remote PC's using the PC name rather than IP address.
helpintAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Chris DentPowerShell DeveloperCommented:

Hello there,

I take it you don't have a Domain Controller in the remote site?

Otherwise, can't you just configure them to use the DNS Server in the UK for name resolution?

Chris
0
helpintAuthor Commented:
They can from the remote site but the DC cannot resolve to the PC's at the remote end.
0
Chris DentPowerShell DeveloperCommented:

If they're using the UK DC as the DNS Server, and they're members of the Domain they should be able to Dynamically Register their names into DNS without you having to do anything.

I assumed that, at the moment, they use something like the local Firewall as their DNS Server in TCP/IP configuration.

Chris
0
Newly released Acronis True Image 2019

In announcing the release of the 15th Anniversary Edition of Acronis True Image 2019, the company revealed that its artificial intelligence-based anti-ransomware technology – stopped more than 200,000 ransomware attacks on 150,000 customers last year.

helpintAuthor Commented:
The remote PC's join the UK domain and are using that as the primary DNS server. When they join the domain, none of the remote PC's get added to DNS. Is there something that I have to do to enable this? If I add an A record manually, that still can't seem to resolve back to the IP on the different subnet.
0
Chris DentPowerShell DeveloperCommented:

Both ways should work.

On one of the remote clients, can you run:

ipconfig /registerdns

Then check the event log for DNSAPI errors?

None of hte clients use anything more than the SBS Server in their DNS settings do they?

Chris
0
helpintAuthor Commented:
Only the SBS DNS is set on the clients. Nothing shows in any error log after running registerdns nor does it appear in DNS.
0
Chris DentPowerShell DeveloperCommented:

They have their Primary DNS Suffix set correctly I take it?

The VPN doesn't perform any network filtering?

Chris
0
helpintAuthor Commented:
Yes, it all looks correct The VPN doesn't do any filtering.
0
Chris DentPowerShell DeveloperCommented:

Can you confirm that Dynamic Updates is enabled? Properties for the Forward Lookup Zone in the DNS Console.

Have you setup your DHCP server so it is pushing entries into DNS on the clients behalf? If so, that can also stop the clients correctly registering.

Chris
0
helpintAuthor Commented:
Dynamic Updates not enabled. Do I select Nonsecure and secure or Secure only? The clients get an IP from a DHCP server on their remote site that is not part of the domain. They are on a separate subnet. Could this be the problem?
0
Chris DentPowerShell DeveloperCommented:

If all the PCs you want in there are a member of the Domain then set it to Secure Only.

If they're not then you would need to set Nonsecure.

The DHCP server is unimportant, provided it's not been told to update DNS on the clients behalf (which you can only do if it's Windows DNS, so I shouldn't worry about it).

Chris
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
helpintAuthor Commented:
Woo hoo! That did it.
0
Chris DentPowerShell DeveloperCommented:

Glad it's all sorted out :)

Chris
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.