Jennifer1024


Main site to remote site DNS problem via VPN tunnel

This weekend my Data Center was moved from one location to another. The old location is now a branch office of the new location. All the servers are at the main location: domain, DNS, DHCP, etc. The only thing that remains at the branch location is an ASA firewall, a switch and some thin clients. A VPN tunnel was created between the ASA at the main and the ASA at the remote. The remote site is getting DHCP addresses from the ASA and the main site is getting DHCP from the DHCP server. The addresses are not the same.
Ideally, I want both sites to get all of the DHCP and DNS information from the main site. Is that possible and if so how?
If that isn't possible, can I configure my DNS servers to resolve the hostnames from the branch site's IP addressing scheme?
We go live in the morning so help is much appreciated as soon as possible!
Hugh Fraser

Are the thin clients' servers also being hosted remotely? If so, the processing's being done remotely, and the actual address of the clients really doesn't matter. As such, you might as well leave the situation as is, letting the local ASA firewall issue the addresses.

One thing to keep in mind, though, is the scope. If you have many sites, remote sites configured the same way, you'll want to ensure that each issues different addresses.

The main reason for leaving the address issued locally is to eliminate the need to allow broadcast traffic across the VPN (DHCP requests are a broadcast).
Jennifer1024

ASKER

There isn't a server at the remote site. Just a switch and the ASA. Right now neither site can really talk to the other as the addresses are not being resolved.
OK. So modify the DHCP server in the ASA firewall to point clients' DNS to the main site and manage DNS stuff from there. I'd still leave the remote clients getting addresses from the local firewall.
SOLUTION
RGRodgers

This solution is only available to members.
This reference can provide a lot of help if you can use it:
http://en.wikipedia.org/wiki/Dhcp
I modified the DHCP server on the remote ASA to point DNS queries to my DNS servers at the main.  I also set up DHCP relay to my DHCP servers.  So far I'm not seeing any difference and the ARP table on the remote ASA still shows old addresses.
Update: I forged ahead with different IP addresses at the remote site. Many of these clients are connecting through thin clients or can connect with RDP so that works fine. They can connect to the TS at the main site without any issues. However, I'm having a hard time printing from the TS server back to the remote site's printers. The printers have new addresses as well and install fine on the server but no luck there either.
ASKER CERTIFIED SOLUTION
This solution is only available to members.