• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1190
  • Last Modified:

Sonicwall 2040 VPN problem - How to assign ip address to each VPN session

We have a Sonicwall 2040 and a couple users who live in other countries and who VPN in to our network.  We have a Windows 2003 Domain controller, which is our DHCP server.  The problem is, I want to have each VPN session somehow "registered" with the Domain Controller/DHCP server.  I don't know exactly the right terminology, but I don't quite understand how the Sonicwall and Windows DHCP server work together with VPN sessions.  I have the Sonicwall DHCP server disabled of course, but in the VPN section, there is an option for DHCP over VPN.  Should this be configured?  When users connect to our VPN, they get a correct virtual IP address on our LAN, but it seems that the Windows DHCP server doesn't register them with DNS maybe???

We have a new centralized Anti Virus server, and I am trying to push out client installs to the remote users, and the server won't see any PC's on the vpn for some reason.
0
jbobst
Asked:
jbobst
  • 2
  • 2
2 Solutions
 
bhnmiCommented:
Configure the DHCP over the VPN option and enable netbios too.
0
 
from_expCommented:
your vpn box should ask for ip address for client from your domain dhcp server
on the dc dhcp server check register dns for dhcp leases
0
 
jbobstAuthor Commented:
I configured the Sonicwall and they are getting an IP address just fine from DHCP, but DNS still doesn't have a record created.  In fact, when I went to view my DNS server (in the Windows Management console), it appears as if none of my office computer have a dns record in there...other than a few computers that have static IP addresses where I manually created a DNS record.  When I checked the DHCP server settings, I have "Enable DNS dynamic updates..."  and "Always dynamically update DNS A and PTR records" checked in the properties section.  I recall not too long ago that when I looked in the DNS server, I saw records for all of my local computers, now there are none!  I had our user from Europe log into the VPN, and he received a good IP address.  The problem was, I couldn't "ping" his pc, unless I used his actual ip address.  I wanted to use the pc name howerver, and I wanted to push our Anti-Virus software to his PC (which needs name resolution).  I manually created a pointer record and an "A" record in my DNS server, then had to flush and registerdns on each NIC adapter on my server, and only then could I finally ping his computer (and push our AV software out to him).  The problem is, that unless I set him up for a static IP address, his IP will change next time he logs in to the VPN and the dns records won't be valid.  I must be missing something in the DHCP server or the DNS server.

One more strange thing is that even though only a couple static IP comptuer have DNS records, I can still ping all of my local pc's in the office network.  How does the ping utility (or rather my pc) know how to resolve the computer name to an IP address if my DNS server doesn't have any forward or reverse lookup records?
0
 
bhnmiCommented:
It uses ARP or netbios (WINS).
0
 
from_expCommented:
actually "Always dynamically update DNS A and PTR records" should solve your problem.
Under normal circumstances, your XP pcs will register their name and ip in dns automatically "Register this connection in DNS"

But in case of vpn please check that your clients also receive dns server settings from dhcp server
It is possible, that your sonicwall provides it's own dns settings to clients. In this case you can configure your sonicwall with dns server of your DC
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now