DNS help needed

Hi all...I have a 2003SBS that I just ramped up as the Domain Controller for a company that was previously networked via workgroup.  They have 2 remote offices connected via an always on VPN (Linksys RV016 at main office, RV041 at remote locations).  I am using DHCP and DNS on the server, and have switched off DHCP on the RV016.  The remote offices are still using the Router DHCP.   Everything is fine at the main office, but I want to join the PC's at the romote office to the domain.  While I can ping the IP address, I can't resolve the server name across the VPN.  Here are the IP scopes
Main Office 192.168.0.x, Remote office 1: 192.168.150.x, remote office2: 192.168.1.x
I don't think the VPN will work if I make the remote offices in the same scope of the main office...so how do I get 192.168.150.x computers to resolve names on 192.168.0.x???
JDCTECHAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bhnmiCommented:
set the DNS server in the dhcp scope at the remote office to the IP  address of your domain controller. All the AD information is at the local site living on the DC.
0
Alan Huseyin KayahanCommented:
   Hi JDCTECH
        A client has to have the IP of the domain controller (DNS server) of the domain you want to join it as the preferred DNS server. So, you either have to assign the IP of DC is main office as the preferred DNS server for client is Remote office, or if remote has a DNS server, add the main office's domain controller IP as forwarder.

Regards
     
0
JDCTECHAuthor Commented:
OK, I was able to configure the remote router to point the client DNS IP to the server first, then the ISP second.  I can ping the server by IP, still not by name.  Here is my IPCONFIG /all
IP 192.168.150.102
Sub 255.255.255.0
GW: 192.168.150.1
DNS1: 192.168.0.5  (this is the 2003SBS)
DNS2: 24.92.226.12
I get 'Ping request could not find the host 2003sbs...'
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

bhnmiCommented:
Use the command nslookup at the command line.

What does it say for server?
0
bhnmiCommented:
I would also remove the ISP DNS server for the interim while we try and get this working.
0
JDCTECHAuthor Commented:
nslookup shows 192.168.0.5 2003sbs.domain.local
When I ping 2003sbs no reply I get 'non-existant domain'
This is interesting...when I try to browse to 192.168.0.5/connectcomputer I get:
HTTP Error 403.6 - Forbidden: IP address of the client has been rejected.   How do I unblock addresses in this IP range?
0
bhnmiCommented:
enter the fqdn not the host name. ie: 2003sbs.domain.local when trying to join the domain.
0
bhnmiCommented:
You can unblock the IP address range by adding the IP address range of the remote site to the directory security for the virtual server in IIS that handles the adding a computer.
0
bhnmiCommented:
on the post above the last disregard. You need to enter the fqdn for the domain, domain.local when adding it, not just the domain.
0
JDCTECHAuthor Commented:
OK, please elaborate on IIs virtual server instructions

Thanks, Dan
0
bhnmiCommented:
Right click my computer on the server and select manage. Expand services and expand IIS. if you right click on default website and select properties you will get a dialog box. There will be a directory security tab here. This is where you can change permissions to the internal website. Be careful what you do here, you can hose it. I would recommend backing it up first.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JDCTECHAuthor Commented:
Thanks for your help, sorry to take so long closing.  I went with a different approch in the end
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.