helpint
DNS Integration with remote sites via VPN
We have a Windows 2003 SBS hosted in the UK (192.168.240.x) and we have an overseas branch (192.168.0.x) that connects to the server via a Firewall to Firewall IKE VPN. We can join and connect to the SBS domain by putting an entry in the HOSTS file on the PCs pointing at the SBS. All computers added to the domain show in AD. What I'm trying to do is automatically add those computers into DNS. Only the servers on the 192.168.240 domain are listed in DNS on the SBS. If I manually add an A record, that doesn't appear to work either. Is there a solution to this, as I would like to browse via an RDP session from the server to one of the remote PCs using the PC name rather than IP address?
ASKER
They can from the remote site but the DC cannot resolve to the PCs at the remote end.
If they're using the UK DC as the DNS Server, and they're members of the Domain they should be able to Dynamically Register their names into DNS without you having to do anything.
I assumed that, at the moment, they use something like the local Firewall as their DNS Server in TCP/IP configuration.
Chris
ASKER
The remote PCs join the UK domain and are using that as the primary DNS server. When they join the domain, none of the remote PCs get added to DNS. Is there something that I have to do to enable this? If I add an A record manually, that still can't seem to resolve back to the IP on the different subnet.
Both ways should work.
On one of the remote clients, can you run:
ipconfig /registerdns
Then check the event log for DNSAPI errors?
None of the clients use anything more than the SBS Server in their DNS settings, do they?
Chris
ASKER
Only the SBS DNS is set on the clients. Nothing shows in any error log after running registerdns nor does it appear in DNS.
They have their Primary DNS Suffix set correctly I take it?
The VPN doesn't perform any network filtering?
Chris
ASKER
Yes, it all looks correct. The VPN doesn't do any filtering.
Can you confirm that Dynamic Updates is enabled? Properties for the Forward Lookup Zone in the DNS Console.
Have you set up your DHCP server so it is pushing entries into DNS on the clients' behalf? If so, that can also stop the clients correctly registering.
Chris
ASKER
Dynamic Updates not enabled. Do I select Nonsecure and secure or Secure only? The clients get an IP from a DHCP server on their remote site that is not part of the domain. They are on a separate subnet. Could this be the problem?
ASKER CERTIFIED SOLUTION
ASKER
Woo hoo! That did it.
Glad it's all sorted out :)
Chris
Hello there,
I take it you don't have a Domain Controller in the remote site?
Otherwise, can't you just configure them to use the DNS Server in the UK for name resolution?
Chris