Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 206
  • Last Modified:

Directing a VPN client to a certain PC

Hello,
I already set up a VPN on my server and I'm able to connect.  I was wondering if there was a way to direct individual users to certain PC's.  Basically, I want them to be able to log on to the VPN and the server takes them to their PC.  Any help would be great.

Thanks,
Bryan
0
KodiBear
Asked:
KodiBear
  • 7
  • 3
  • 3
  • +1
1 Solution
 
xtravaganCommented:
Could you explain better what you mean? A VPN is a network routing feature not a connection to a given machine.

Once they are on the VPN they can connect to their machine via remote desktop for instance?
0
 
KodiBearAuthor Commented:
The remote desktop is what I plan on them using.  The problem that I am having is that when they connect via their home PC, its not part of the domain.  So when they open RDP and enter "PC Name" it doesn't resolve pc names.  They have to enter the IP address.  Is there a way to make it direct them to their pc.  Hopefully this explains it better.  I know what I want and need, but have a hard time saying it.  Thanks
0
 
xtravaganCommented:
I see.

For that to work the VPN connection must set your Domains WINS or DNS server as well. Thus if the connection is the prio connection (usually is) it will resolve names as it should.

Another solution might be to keep a directory on the server suchs as

\\server\connection\PcName.rdp

or via HTTP

Which will start the RDP client with the settings you have either manually put there or generated.

If you are using DHCP for your domain PCs you likely want to generate those files each time and a web page is a good way to do that.

Don't know if there are better ways to do this. I would go for WINS/DNS, but if you don't want to tamper with the uses normal DNS then just change WINS(they normally don't use that anyways). Also if your DNS doesn't recurse internet lookups and just your own domain.

0
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

 
KodiBearAuthor Commented:
How do I set the VPN connection to the DNS or WINS?
0
 
xtravaganCommented:
What VPN software are you using? Windows built in, openvpn? Which version windows?
0
 
KodiBearAuthor Commented:
Windows built in, XP Pro SP3, Server2003
0
 
KodiBearAuthor Commented:
Ok, so I set the DNS on the VPN client.  It still isn't working.  I can ping the server by name, but nothing else.  If I use FQDN it comes back with a public IP not private IP.  ???
0
 
giltjrCommented:
On the VPN connection setting under TCP/IP Advanced properties on the General tab check the box that say use default gateway on remote network.

This will cause ALL traffic from the users home PC to be sent over the VPN, they will NOT be able to use the Internet, unless your corporate network allows them to.

The alternative to the above is to give them the commands to add all needed routes to all of your internal subnets.

What I think is happening is that they are sending their DNS requests to their ISP's DNS server and not your internal DNS server.
0
 
KodiBearAuthor Commented:
That is already checked.
0
 
Hypercat (Deb)Commented:
KodiBear, in the properties of the RRAS server, you have to enable LAN routing as well as dial-in access. If you open the Routing and Remote Access management console, then right-click on the "Routing and Remote Access" object and go to Properties.  You will see a checkbox for Routier and under that there are two options.  What you want to do is check the box for Router and also the radio button for LAN and demand-dial routing. And of course the Remote Access checkbox should already be checked.
0
 
giltjrCommented:
You need to track down how DNS resolution is working then.  Assuming you have the FQDN setup on your internal DNS servers properly then you should be able to resolve the FQDN to the internal IP address when connected to the VPN.
0
 
Hypercat (Deb)Commented:
Also, what might make things easier for you is if you set your RRAS server to use DHCP to assign IP addressing information to the VPN clients - assuming you are using DHCP on your network to set this information automatically on your network client machines.  This way, they will automatically get the DNS information they need when they log on to the VPN.  To set this, open the RRAS management console as shown in the attached pic. Then right-click the DHCP Relay Agent, go to Properties and set the IP address of your DHCP server.
RRAS-DHCP-relay.jpg
0
 
KodiBearAuthor Commented:
Okay,
hypercat - the check box for Router and also the radio button for LAN and demand-dial routing are already checked along with remote access.  The DHCP relay agent has the server address added to it.

I can ping the server by name "tmc0100dc01" with no problem.  I cannot ping any other pc by name, only ip address.
0
 
Hypercat (Deb)Commented:
On your client PC, please run ipconfig /all while you are connected to the VPN, and post the results here.
0
 
KodiBearAuthor Commented:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\owner>ipconfig /all

Windows IP Configuration

        Host Name . . . . . . . . . . . . : BRYAN
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : neo.rr.com

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : neo.rr.com
        Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Cont
roller #2
        Physical Address. . . . . . . . . : 00-12-3F-2D-C0-B8
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.0.100
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        IP Address. . . . . . . . . . . . : fe80::212:3fff:fe2d:c0b8%4
        Default Gateway . . . . . . . . . : 192.168.0.1
        DHCP Server . . . . . . . . . . . : 192.168.0.1
        DNS Servers . . . . . . . . . . . : 192.168.0.1
                                            fec0:0:0:ffff::1%1
                                            fec0:0:0:ffff::2%1
                                            fec0:0:0:ffff::3%1
        Lease Obtained. . . . . . . . . . : Wednesday, April 15, 2009 9:54:53 PM

        Lease Expires . . . . . . . . . . : Wednesday, April 22, 2009 9:54:53 PM


PPP adapter TMC:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.1.102
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 192.168.1.102
        DNS Servers . . . . . . . . . . . : 192.168.1.2
                                            192.168.1.116
        Primary WINS Server . . . . . . . : 192.168.1.2

Tunnel adapter Teredo Tunneling Pseudo-Interface:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
        Physical Address. . . . . . . . . : 00-00-05-C0-33-2D-2C-C9
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : fe80::ffff:ffff:fffd%5
        Default Gateway . . . . . . . . . :
        NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Automatic Tunneling Pseudo-Interface:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface

        Physical Address. . . . . . . . . : C0-A8-01-66
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : fe80::5efe:192.168.1.102%2
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                            fec0:0:0:ffff::2%1
                                            fec0:0:0:ffff::3%1
        NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Automatic Tunneling Pseudo-Interface:

        Connection-specific DNS Suffix  . : neo.rr.com
        Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface

        Physical Address. . . . . . . . . : C0-A8-00-64
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : fe80::5efe:192.168.0.100%2
        Default Gateway . . . . . . . . . :
        DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                            fec0:0:0:ffff::2%1
                                            fec0:0:0:ffff::3%1
        NetBIOS over Tcpip. . . . . . . . : Disabled

C:\Documents and Settings\owner>
0
 
giltjrCommented:
O.K. because of the way your LAN setup  is done you are hitting an MS bug dealing with NIC/Network binding order and name resolution.

You want to read up on KB311218.  There is a script at: http://www.isascripts.org/  you can download to change the registry setting for you.  Go to that page and search on KB311218 and you will find it.

Please note that when certain configuration changes are made to NIC or IP settings, Windows will reorder the binding order and thus the problem comes back and so the user would need to re-execute the script.

I personally have setup a command file that executes the script to fix the binding order and then invokes rasdial with the name of the VPN connection.  This way the binding order is correct every single time.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

  • 7
  • 3
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now