Solved

Sonicwall 2040 VPN problem - How to assign ip address to each VPN session

Posted on 2007-12-05
5
1,152 Views
Last Modified: 2012-06-27
We have a Sonicwall 2040 and a couple users who live in other countries and who VPN in to our network.  We have a Windows 2003 Domain controller, which is our DHCP server.  The problem is, I want to have each VPN session somehow "registered" with the Domain Controller/DHCP server.  I don't know exactly the right terminology, but I don't quite understand how the Sonicwall and Windows DHCP server work together with VPN sessions.  I have the Sonicwall DHCP server disabled of course, but in the VPN section, there is an option for DHCP over VPN.  Should this be configured?  When users connect to our VPN, they get a correct virtual IP address on our LAN, but it seems that the Windows DHCP server doesn't register them with DNS maybe???

We have a new centralized Anti Virus server, and I am trying to push out client installs to the remote users, and the server won't see any PC's on the vpn for some reason.
0
Comment
Question by:jbobst
  • 2
  • 2
5 Comments
 
LVL 12

Accepted Solution

by:
bhnmi earned 125 total points
ID: 20413672
Configure the DHCP over the VPN option and enable netbios too.
0
 
LVL 21

Expert Comment

by:from_exp
ID: 20413710
your vpn box should ask for ip address for client from your domain dhcp server
on the dc dhcp server check register dns for dhcp leases
0
 
LVL 1

Author Comment

by:jbobst
ID: 20443134
I configured the Sonicwall and they are getting an IP address just fine from DHCP, but DNS still doesn't have a record created.  In fact, when I went to view my DNS server (in the Windows Management console), it appears as if none of my office computer have a dns record in there...other than a few computers that have static IP addresses where I manually created a DNS record.  When I checked the DHCP server settings, I have "Enable DNS dynamic updates..."  and "Always dynamically update DNS A and PTR records" checked in the properties section.  I recall not too long ago that when I looked in the DNS server, I saw records for all of my local computers, now there are none!  I had our user from Europe log into the VPN, and he received a good IP address.  The problem was, I couldn't "ping" his pc, unless I used his actual ip address.  I wanted to use the pc name howerver, and I wanted to push our Anti-Virus software to his PC (which needs name resolution).  I manually created a pointer record and an "A" record in my DNS server, then had to flush and registerdns on each NIC adapter on my server, and only then could I finally ping his computer (and push our AV software out to him).  The problem is, that unless I set him up for a static IP address, his IP will change next time he logs in to the VPN and the dns records won't be valid.  I must be missing something in the DHCP server or the DNS server.

One more strange thing is that even though only a couple static IP comptuer have DNS records, I can still ping all of my local pc's in the office network.  How does the ping utility (or rather my pc) know how to resolve the computer name to an IP address if my DNS server doesn't have any forward or reverse lookup records?
0
 
LVL 12

Expert Comment

by:bhnmi
ID: 20443289
It uses ARP or netbios (WINS).
0
 
LVL 21

Assisted Solution

by:from_exp
from_exp earned 125 total points
ID: 20443470
actually "Always dynamically update DNS A and PTR records" should solve your problem.
Under normal circumstances, your XP pcs will register their name and ip in dns automatically "Register this connection in DNS"

But in case of vpn please check that your clients also receive dns server settings from dhcp server
It is possible, that your sonicwall provides it's own dns settings to clients. In this case you can configure your sonicwall with dns server of your DC
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now