vls-derek
asked on
Internal DNS Problem over Site to Site VPN
I just succesfully established a site to site VPN between our main office and branch office.
The main office has two domain controllers, both running Windows Server 2003 and both are running DNS. The branch office does not have a domain controller yet but I plan to add one in the future.
The remote site is set to use one of the primary office's Domain Controllers as its DNS. External Lookups are no problem, but it can't resolve any internal FQDNs. NetBios Broadcast is enabled so I can resolve the partial name, but if I try to ping the FQDN, it tells me that the name doesn't exist. The workstations on the remote site are already joined to the domain (I did this before I moved them).
I did several nslookups and found the same thing - external domains resolve but internal hosts or the domain name (vincentlimousines.local) do not resolve.
I've chekced my VPN on both ends - it's set to allow traffic of all types between the two sites.
Any thoughts would be greatly appreciated/
The main office has two domain controllers, both running Windows Server 2003 and both are running DNS. The branch office does not have a domain controller yet but I plan to add one in the future.
The remote site is set to use one of the primary office's Domain Controllers as its DNS. External Lookups are no problem, but it can't resolve any internal FQDNs. NetBios Broadcast is enabled so I can resolve the partial name, but if I try to ping the FQDN, it tells me that the name doesn't exist. The workstations on the remote site are already joined to the domain (I did this before I moved them).
I did several nslookups and found the same thing - external domains resolve but internal hosts or the domain name (vincentlimousines.local) do not resolve.
I've chekced my VPN on both ends - it's set to allow traffic of all types between the two sites.
Any thoughts would be greatly appreciated/
thsteph
can you ping it with the IP?
ASKER
Yes - I can ping both DNS servers (and all other servers / workstations at the main office) from the remote site.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I thought about that and dismissed it right away because I really want to make it work "the right way", but I just entered the domain controllers in the hosts file and now it seems to work and communicate with AD. Unless someone else has some thoughts, I'll use this for the time being until I add a DC over at this site.
hmmm ... can't think of anything else ... especially if you are not using a dns in the remote location. you could always set it as a dns redirect. using any cisco routers?
Is the DC at the HQ the only DNS server configured on the remote office workstations? Just wondering if somehow an internet DNS server has been set as primary?
ASKER
Compaq_Engineer --- I made sure that I set the DNS on the remote workstations to only look at the main office's DNS servers - there aren't any public ones being referenced.
ASKER
My main office is using a Sonicwall TZ 170. The remote office is using a Linksys (Cisco small business series) WRVS4400N.
can you set a dns on the linksys?
cause everything's working normal, so you just need to set the dns on your router, if you can do that. otherwise, just stick with the hosts file mod.
copy it to all pcs
cause everything's working normal, so you just need to set the dns on your router, if you can do that. otherwise, just stick with the hosts file mod.
copy it to all pcs
sorry ... didn't read your post ... errr, well, do you use a dhcp on the workstations? or is it a static IP. what is the dns given to them?
cheers for the points! :)