Problem resolving local server name over VPN

Problem is just what the title says.  IT doesn't know how to solve this issue so hopefully you guys do!

In my office, let's say I have a server called MyServer.  Its IP address is 192.168.1.15 on the network.  In the office, I can type in say, http:\\myserver into IE and it will go to the correct default page.

However, outside of the office, if a user connects to the network (using sonic wall netextender vpn), typing the server name alone will not work.  One has to type http:\\192.168.1.15 to get to the page.

Question: what can be done to give a user connecting from outside of the network the ability to use the server name?  Not only is it a pain for intranet sites but I have a suspicion that access to SQL Server is not working because of this.  

We have a local DNS server.  Can something be done here?  I wish to avoid having to key in the server name/IP in the hosts file for everyone's computers.

Thanks!
kevin_ccmAsked:
Who is Participating?
 
Alexey KomarovChief Project EngineerCommented:
If you wish to use http://myserver without using FQDN
1 you can use WINS Server where it is possible to register name Myserver
2 you can use %SystemRoot %\system32\drivers\etc\hosts on clients

0
 
merowingerCommented:
Do the clients get a DNS Server which resolves the name when they are connected with VPN?
Are the clients domain members? Do they have a DNS suffix when connected with VPN?

To check DNS Server and DNS Suffix type: ipconfig /all
on the client
0
 
kevin_ccmAuthor Commented:
Hi mero,

According to ipconfig /all, the users (remote but connected) can get to a DNS server (192.168.1.2).  I'm told they are domain members as well.  However I was also told that they can't get to the DNS server here (local).

One other thing, ipconfig on my machine gets two DNS IP addresses, while only one on theirs.  I'm told the one that shows up is the DNS server, though.
0
On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
Alexey KomarovChief Project EngineerCommented:
And also use FQDN myserver.local is possible
If you get the domain local on the DNS server
0
 
kevin_ccmAuthor Commented:
Hi Alexey,

I really wish to avoid option #2; can you provide more detail or what to look for on how to use WINS server?
0
 
merowingerCommented:
what happens you execute the following on a client:

nslookup myserver

or

nslookup myserver.domain.net

Maybe firewall blocks it
0
 
Alexey KomarovChief Project EngineerCommented:
It is necessary for you install Wins a server
And in adjustment dhcp a server which gives out parametres for Vpn clients to specify server wins ip address

http://technet.microsoft.com/en-us/library/cc784180(WS.10).aspx
http://technet.microsoft.com/en-us/library/cc781979%28WS.10%29.aspx
0
 
kevin_ccmAuthor Commented:
Hmm, might be firewall!  On the client,

[nslookup myserver] does not work.
[nslookup myserver.domain.net] does work.

What now?
0
 
merowingerCommented:
can you access the website via http://myserver.domain.net
Could you post you ipconfig /all result.
It seems that there is not appended a DNS Suffix
0
 
kevin_ccmAuthor Commented:
the website can be accessed from that url.  sorry couldn't post the results because my co-worker only sent me a screenshot...but the entry for "Connection-specific DNS Suffix" is myserver.local   is there anything else you are looking for?  only one entry under DNS servers.
0
 
Alexey KomarovChief Project EngineerCommented:
can you access the website via http://myserver.local   
0
 
merowingerCommented:
the DNS Suffix should be domain.net
0
 
kevin_ccmAuthor Commented:
alexey- *cannot* be accessed from http://myserver.local (not even on my local pc)

mero- ahh, how can i change that?  i see that it is domain.net on my computer
0
 
kevin_ccmAuthor Commented:
ps- i'm sure you figured it out already but i meant the remote user's pc says domain.local for dns suffix, not myserver.local
0
 
merowingerCommented:
I'm confused now  :)

What's you real domain FQDN and what's the domain suffix configured on the clients?
domain.net
domain.local!??!
0
 
kevin_ccmAuthor Commented:
haha sorry.  FQDN is ip address right?

FQDN: 192.168.1.15
remote vpn client primary and cnxn-specific dns suffix: domain.local
local client (me) cnxn-specific dns suffix: domain.net
local client (me) primary dns suffix: none
0
 
kevin_ccmAuthor Commented:
or did you mean (sorry i don't want to use real names)...

FQDN:  myserver.mycompany.com
remote dns suffix: mycompany.local
local dns suffix: mycompany.com

and i want users to just be able to type http:\\myserver
0
 
merowingerCommented:
No FQDN is the Fully qualified domain name
It's just important that you VPN client has the same DNS Suffix as you local client.
Is this the case?
For me it seems that there are differences (.local, .com)
So is the remote client member of a domain?!
0
 
kevin_ccmAuthor Commented:
Thanks well I'll have to check it over w/IT to see if they know how to change that setting...but everyone's gone for the day so I'll see tomorrow.  I will get back to this thread later then, thanks for the help!
0
 
merowingerCommented:
If you have to change a VPN seatting in bulk, then you can edit the rasphone.pbk file on one computer and deploy it to many clients.

It's located under:
%APPDATA%\Microsoft\Network\Connections\Pbk

The DNS Suffix setting is:
IpDnsSuffix=domain.net
0
 
RCEMortimerCommented:
Broadcast traffic does not normally travel over a VPN. If you do not have a WINS server your machines are resolving either by DNS or Broadcast. If you can not connect by FQDN and have the correct DNS server specified (the one on your LAN - Check it with IPCONFIG /ALL from a windows command line) then you are resolving names using Broadcast. To fix the VPN issue you need to do one of the following:-

Install a WINS Server and announce it in DHCP

Register names in local DNS and set your default DNS search to the local domain

Enter static names in LAN DNS for the services you want to be seen specify the LAN DHCP server for the vpn clients

Allow Broadcast traffic across the VPN (Performance issues may arise)

Edit the lmhosts file on your VPN client PC and enter the names and associated IP addresses you need to contact

For a 1 off fix on a stable network the last option is a fix
Do do it right choose options 1,2 and 4
Option 4 may clog your VPN depending on the amount of resolution traffic.
0
 
kevin_ccmAuthor Commented:
hi, thanks for the replies...unfortunately i'm not able to get at the dns/server stuff w/IT until tomorrow so i will reply back when we can get to it.

mortimer- my co-worker (remote) can get to myserver.mycompany.com but for some reason i (local) cannot.  but remote cannot get to http://myserver where as local can.
0
 
RCEMortimerCommented:
myserver.mycompany.com is a FQDN and is resolved by DNS

Adding mycompany.com as the remote machines default default DNS suffix will cause it to expand myserver to myserver.mycompany.com in the background - This will solve your problem as myserver.mycompany.com will resolve correctly

This seems to support the Idea that you are either using broadcast to resolve windows machine names or you are using DNS but the default domain suffix is not entered into the remote PC.

You can find the DNS suffix settings by bringing up your adapter's TCP/IP properties and navigating to  advanced > DNS.  
0
 
kevin_ccmAuthor Commented:
thanks for the help everyone, IT has decided to set up a WINS server.  tough split up fairly but i've given most to alexey since he was the first to have that answer.  thanks again!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.