Solved

SBS 2008 VPN DNS Issues

Posted on 2009-07-13
2
858 Views
Last Modified: 2012-06-21
I'm currently running a SBS 2008 Premium server with Windows XP Pro SP3 clients. I've encountered issues with the Microsoft VPN client since upgrading to SBS 2008. My clients are able to connect, authenticate, and get DHCP settings correctly. If servers are referred to by \\servername.domain.local\share it works great but if only \\servername\share is entered the VPN'd machines are unable to resolve it. Is this inherint within the design of SBS 2008 or is there something I can adjust to provide the ability of resolving by just the servername?
0
Comment
Question by:Danstr1
2 Comments
 
LVL 3

Accepted Solution

by:
AdoBeebo earned 500 total points
ID: 24841989
This is a guess, but are your VPN clients going into a different subnet to the rest of the domain? Are they pulling down 192.168.1.1/24 IP addresses? This IP range is provided by Networking and Remote Access. I haven't peered into the defaults of SBS08 but I do know that the DHCP service provided by N&RA is limited compared to the full blown DHCP service that will be handing out IPs to internal clients.
Can you check that it is the SBS08 server providing DHCP services from its own DHCP service, or if it is the limited DHCP service that comes with Networking and Remote Access Role. Check to see if DHCP leases are being provided to a logged in VPN client from the main scope, and verify the DNS settings are correct within the scope.
You can certainly help your aim of single name resolution by setting up a GlobalNameZone which is populated with CNAME values. If the GNZ is included in the same DNS as is specified for clients in the DHCP scope they use you should find name resolution a little bit smarter.
Setup GNZ
From CMD:
dnscmd.exe ServerNameHere /config /enableglobalnamessupport 1
In DNS Management
Create a new Forward Lookup Zone called "GlobalNames", AD integrated, replicate forest-wide.
Populate this zone with CNAME values e.g.
"SBS08" = "SBS08.domain.local"
"Proxy" = "ISA06.domain.local"
etc
0
 

Author Comment

by:Danstr1
ID: 24843250
The DHCP all checked out. DHCP was coming correctly from the server including the DNS settings. I proceeded to create the GlobalNameZone as you recommended. I am now able to connect to those machines I entered the CNAME values for. Thanks!
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Suggested Solutions

I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now