Sonicwall 2040 VPN problem - How to assign ip address to each VPN session

Posted on 2007-12-05
Last Modified: 2012-06-27
We have a Sonicwall 2040 and a couple users who live in other countries and who VPN in to our network.  We have a Windows 2003 Domain controller, which is our DHCP server.  The problem is, I want to have each VPN session somehow "registered" with the Domain Controller/DHCP server.  I don't know exactly the right terminology, but I don't quite understand how the Sonicwall and Windows DHCP server work together with VPN sessions.  I have the Sonicwall DHCP server disabled of course, but in the VPN section, there is an option for DHCP over VPN.  Should this be configured?  When users connect to our VPN, they get a correct virtual IP address on our LAN, but it seems that the Windows DHCP server doesn't register them with DNS maybe???

We have a new centralized Anti Virus server, and I am trying to push out client installs to the remote users, and the server won't see any PC's on the vpn for some reason.
Question by:jbobst
  • 2
  • 2
LVL 12

Accepted Solution

bhnmi earned 125 total points
ID: 20413672
Configure the DHCP over the VPN option and enable netbios too.
LVL 21

Expert Comment

ID: 20413710
your vpn box should ask for ip address for client from your domain dhcp server
on the dc dhcp server check register dns for dhcp leases

Author Comment

ID: 20443134
I configured the Sonicwall and they are getting an IP address just fine from DHCP, but DNS still doesn't have a record created.  In fact, when I went to view my DNS server (in the Windows Management console), it appears as if none of my office computer have a dns record in there...other than a few computers that have static IP addresses where I manually created a DNS record.  When I checked the DHCP server settings, I have "Enable DNS dynamic updates..."  and "Always dynamically update DNS A and PTR records" checked in the properties section.  I recall not too long ago that when I looked in the DNS server, I saw records for all of my local computers, now there are none!  I had our user from Europe log into the VPN, and he received a good IP address.  The problem was, I couldn't "ping" his pc, unless I used his actual ip address.  I wanted to use the pc name howerver, and I wanted to push our Anti-Virus software to his PC (which needs name resolution).  I manually created a pointer record and an "A" record in my DNS server, then had to flush and registerdns on each NIC adapter on my server, and only then could I finally ping his computer (and push our AV software out to him).  The problem is, that unless I set him up for a static IP address, his IP will change next time he logs in to the VPN and the dns records won't be valid.  I must be missing something in the DHCP server or the DNS server.

One more strange thing is that even though only a couple static IP comptuer have DNS records, I can still ping all of my local pc's in the office network.  How does the ping utility (or rather my pc) know how to resolve the computer name to an IP address if my DNS server doesn't have any forward or reverse lookup records?
LVL 12

Expert Comment

ID: 20443289
It uses ARP or netbios (WINS).
LVL 21

Assisted Solution

from_exp earned 125 total points
ID: 20443470
actually "Always dynamically update DNS A and PTR records" should solve your problem.
Under normal circumstances, your XP pcs will register their name and ip in dns automatically "Register this connection in DNS"

But in case of vpn please check that your clients also receive dns server settings from dhcp server
It is possible, that your sonicwall provides it's own dns settings to clients. In this case you can configure your sonicwall with dns server of your DC

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ASE reports it as spam 2 327
l2tp tunnel from pc to router 14 86
Vpn Server 2012 not working Draytek Vigor 2830 2 45
Sonicwall blocks a site 49 76
Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question