Solved

DNS resolution through VPN tunnel

Posted on 2008-10-31
5
707 Views
Last Modified: 2012-05-05
I just setup a B2B VPN tunnel between our company and headquarters. All employees access a special corporate public web-portal which can be accessed from anywhere on the internet. One of the links on the portal, let's call it "acct.company.com" points to an accounting server and only works if the computer trying to access it is on a secure network over the VPN tunnel. Otherwise the user will get a page cannot be displayed. On our tunnel rules, we allow access to this accounting server by its IP, (10.55.55.1).

The problem is if a user click on the accts link, the web page resolves to "acct.company.com" which does not go through the tunnel and it fails. If I replace the "acct.company.com" with the server IP 10.55.55.1, it works. I am sure I need to created a record on our DNS server (Windows 2003 AD) but not sure how and if it will work through the tunnel.

Any help would be appreciated. Thanks!
0
Comment
Question by:lehan
  • 3
  • 2
5 Comments
 
LVL 93

Expert Comment

by:John Hurst
ID: 22852759
You might also need a Hosts file entry on the client machine to associate an IP with a name. There are samples in the Hosts file (windows\system32\drivers\etc)  .... T
0
 
LVL 1

Author Comment

by:lehan
ID: 22853120
I tried the hosts file entry on my laptop but unfortunately that did not work.
I added:
10.55.55.1   acct.company.com

any idea how to add to the DNS server?
0
 
LVL 93

Expert Comment

by:John Hurst
ID: 22853327
DNS is available through Admin tools on the server, but I don't see how entries here will assist someone at the other end of a VPN tunnel. It may be that your entries in the VPN setup need to be modified, but I am not knowledgeable enough to make a suggestion. I use consultants myself to set up VPN's.  .... T
0
 
LVL 1

Author Comment

by:lehan
ID: 22853496
I am unable to find (so far) anyway of adding a url resolving to an IP in my firewall rules.
To clarify, a user on our end of the tunnel is trying to access a secure web server on the other end of the tunnel.
0
 
LVL 1

Accepted Solution

by:
lehan earned 0 total points
ID: 22900727
so I figured this one out and the solution had to do with our DNS server. I had to add a new forward lookup zone for acct.company.com on our DNS server, then created an A host record for the hostname.acct.company.com pointing to the server IP address. I tested it from a few machines and now the link is working and can see the traffic going through the tunnel.

I did have to flush dns on one of the machines to it get to work (ipconfig /flushdns).

since I found the solution myself, can the points be refunded?
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Most DNS problems are VERY easily troubleshot and identifiable if you can follow the steps a DNS query takes. I would like to share the step-by-step a DNS query takes from the origin to the destination. _____________________________________________…
One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question