Solved

SBS 2008 VPN DNS Issues

Posted on 2009-07-13
2
869 Views
Last Modified: 2012-06-21
I'm currently running a SBS 2008 Premium server with Windows XP Pro SP3 clients. I've encountered issues with the Microsoft VPN client since upgrading to SBS 2008. My clients are able to connect, authenticate, and get DHCP settings correctly. If servers are referred to by \\servername.domain.local\share it works great but if only \\servername\share is entered the VPN'd machines are unable to resolve it. Is this inherint within the design of SBS 2008 or is there something I can adjust to provide the ability of resolving by just the servername?
0
Comment
Question by:Danstr1
2 Comments
 
LVL 3

Accepted Solution

by:
AdoBeebo earned 500 total points
ID: 24841989
This is a guess, but are your VPN clients going into a different subnet to the rest of the domain? Are they pulling down 192.168.1.1/24 IP addresses? This IP range is provided by Networking and Remote Access. I haven't peered into the defaults of SBS08 but I do know that the DHCP service provided by N&RA is limited compared to the full blown DHCP service that will be handing out IPs to internal clients.
Can you check that it is the SBS08 server providing DHCP services from its own DHCP service, or if it is the limited DHCP service that comes with Networking and Remote Access Role. Check to see if DHCP leases are being provided to a logged in VPN client from the main scope, and verify the DNS settings are correct within the scope.
You can certainly help your aim of single name resolution by setting up a GlobalNameZone which is populated with CNAME values. If the GNZ is included in the same DNS as is specified for clients in the DHCP scope they use you should find name resolution a little bit smarter.
Setup GNZ
From CMD:
dnscmd.exe ServerNameHere /config /enableglobalnamessupport 1
In DNS Management
Create a new Forward Lookup Zone called "GlobalNames", AD integrated, replicate forest-wide.
Populate this zone with CNAME values e.g.
"SBS08" = "SBS08.domain.local"
"Proxy" = "ISA06.domain.local"
etc
0
 

Author Comment

by:Danstr1
ID: 24843250
The DHCP all checked out. DHCP was coming correctly from the server including the DNS settings. I proceeded to create the GlobalNameZone as you recommended. I am now able to connect to those machines I entered the CNAME values for. Thanks!
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question