Solved

DNS resolution through VPN tunnel

Posted on 2008-10-31
Last Modified: 2012-05-05
I just set up a B2B VPN tunnel between our company and headquarters. All employees access a special corporate public web-portal which can be accessed from anywhere on the internet. One of the links on the portal, let's call it "acct.company.com", points to an accounting server and only works if the computer trying to access it is on a secure network over the VPN tunnel. Otherwise the user will get a "page cannot be displayed" error. On our tunnel rules, we allow access to this accounting server by its IP (10.55.55.1).

The problem is if a user clicks on the accts link, the web page resolves to "acct.company.com" which does not go through the tunnel and it fails. If I replace the "acct.company.com" with the server IP 10.55.55.1, it works. I am sure I need to create a record on our DNS server (Windows 2003 AD) but not sure how and if it will work through the tunnel.

Any help would be appreciated. Thanks!
Question by:lehan
5 Comments
 

Expert Comment

by:John Hurst
ID: 22852759
You might also need a Hosts file entry on the client machine to associate an IP with a name. There are samples in the Hosts file (windows\system32\drivers\etc)  .... T

Author Comment

by:lehan
ID: 22853120
I tried the hosts file entry on my laptop but unfortunately that did not work.
I added:
10.55.55.1   acct.company.com

Any idea how to add to the DNS server?

Expert Comment

by:John Hurst
ID: 22853327
DNS is available through Admin tools on the server, but I don't see how entries here will assist someone at the other end of a VPN tunnel. It may be that your entries in the VPN setup need to be modified, but I am not knowledgeable enough to make a suggestion. I use consultants myself to set up VPNs.  .... T

Author Comment

by:lehan
ID: 22853496
I am unable to find (so far) any way of adding a URL resolving to an IP in my firewall rules.
To clarify, a user on our end of the tunnel is trying to access a secure web server on the other end of the tunnel.

Accepted Solution

by:
lehan earned 0 total points
ID: 22900727
So I figured this one out and the solution had to do with our DNS server. I had to add a new forward lookup zone for acct.company.com on our DNS server, then created an A host record for the hostname.acct.company.com pointing to the server IP address. I tested it from a few machines and now the link is working and I can see the traffic going through the tunnel.

I did have to flush DNS on one of the machines to get it to work (ipconfig /flushdns).

Since I found the solution myself, can the points be refunded?
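The fix described in the accepted solution, scripted with dnscmd as an added example (not part of the original thread). It assumes dnscmd.exe from the Windows Server 2003 Support Tools, an AD-integrated zone, and an A record at the zone apex; creating the zone for acct.company.com alone leaves every other company.com name resolving through public DNS.

```bat
@echo off
rem Added example, not from the original thread. Run on the internal Windows DNS server.
rem Assumptions: dnscmd.exe is installed (Windows Server 2003 Support Tools),
rem the zone is AD-integrated, and the A record sits at the zone apex ("@").
setlocal
set ZONE=acct.company.com
set TARGET=10.55.55.1

rem Create a zone for this single name only. A zone for company.com would make
rem this server authoritative for the whole domain and break every public name
rem that is not re-created internally.
dnscmd . /ZoneAdd %ZONE% /DsPrimary
if errorlevel 1 goto :fail

rem Add the A record at the zone apex so acct.company.com itself resolves
rem to the address the tunnel rules already permit.
dnscmd . /RecordAdd %ZONE% @ A %TARGET%
if errorlevel 1 goto :fail

rem Clear the local resolver cache, then ask this DNS server directly and
rem confirm the answer is the tunnel-side address.
ipconfig /flushdns >nul
nslookup %ZONE% 127.0.0.1 | find "%TARGET%" >nul
if errorlevel 1 (
    echo %ZONE% does not resolve to %TARGET% on this server
    goto :fail
)
echo %ZONE% resolves to %TARGET% for clients of this DNS server
exit /b 0

:fail
echo Zone or record setup failed
exit /b 1
```

Clients that looked the name up before the change may still hold the public answer until they run ipconfig /flushdns or the cached record expires.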