Solved

Sonicwall 2040 VPN problem - How to assign ip address to each VPN session

Posted on 2007-12-05
5
1,165 Views
Last Modified: 2012-06-27
We have a Sonicwall 2040 and a couple users who live in other countries and who VPN in to our network.  We have a Windows 2003 Domain controller, which is our DHCP server.  The problem is, I want to have each VPN session somehow "registered" with the Domain Controller/DHCP server.  I don't know exactly the right terminology, but I don't quite understand how the Sonicwall and Windows DHCP server work together with VPN sessions.  I have the Sonicwall DHCP server disabled of course, but in the VPN section, there is an option for DHCP over VPN.  Should this be configured?  When users connect to our VPN, they get a correct virtual IP address on our LAN, but it seems that the Windows DHCP server doesn't register them with DNS maybe???

We have a new centralized Anti Virus server, and I am trying to push out client installs to the remote users, and the server won't see any PC's on the vpn for some reason.
0
Comment
Question by:jbobst
  • 2
  • 2
5 Comments
 
LVL 12

Accepted Solution

by:
bhnmi earned 125 total points
ID: 20413672
Configure the DHCP over the VPN option and enable netbios too.
0
 
LVL 21

Expert Comment

by:from_exp
ID: 20413710
your vpn box should ask for ip address for client from your domain dhcp server
on the dc dhcp server check register dns for dhcp leases
0
 
LVL 1

Author Comment

by:jbobst
ID: 20443134
I configured the Sonicwall and they are getting an IP address just fine from DHCP, but DNS still doesn't have a record created.  In fact, when I went to view my DNS server (in the Windows Management console), it appears as if none of my office computer have a dns record in there...other than a few computers that have static IP addresses where I manually created a DNS record.  When I checked the DHCP server settings, I have "Enable DNS dynamic updates..."  and "Always dynamically update DNS A and PTR records" checked in the properties section.  I recall not too long ago that when I looked in the DNS server, I saw records for all of my local computers, now there are none!  I had our user from Europe log into the VPN, and he received a good IP address.  The problem was, I couldn't "ping" his pc, unless I used his actual ip address.  I wanted to use the pc name howerver, and I wanted to push our Anti-Virus software to his PC (which needs name resolution).  I manually created a pointer record and an "A" record in my DNS server, then had to flush and registerdns on each NIC adapter on my server, and only then could I finally ping his computer (and push our AV software out to him).  The problem is, that unless I set him up for a static IP address, his IP will change next time he logs in to the VPN and the dns records won't be valid.  I must be missing something in the DHCP server or the DNS server.

One more strange thing is that even though only a couple static IP comptuer have DNS records, I can still ping all of my local pc's in the office network.  How does the ping utility (or rather my pc) know how to resolve the computer name to an IP address if my DNS server doesn't have any forward or reverse lookup records?
0
 
LVL 12

Expert Comment

by:bhnmi
ID: 20443289
It uses ARP or netbios (WINS).
0
 
LVL 21

Assisted Solution

by:from_exp
from_exp earned 125 total points
ID: 20443470
actually "Always dynamically update DNS A and PTR records" should solve your problem.
Under normal circumstances, your XP pcs will register their name and ip in dns automatically "Register this connection in DNS"

But in case of vpn please check that your clients also receive dns server settings from dhcp server
It is possible, that your sonicwall provides it's own dns settings to clients. In this case you can configure your sonicwall with dns server of your DC
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question