Solved

Enable resolving of host names over VPN

Posted on 2010-08-18
7
296 Views
Last Modified: 2012-05-10
We currently have a hardware vpn set up to another network and we can access all our severs there via local IP Address (eg. \\192.168.0.4). However, accessing by host name fails (eg. \\server). What settings should I configure on my router to enable this?

To give you guys an idea, the network looks like this:

Server in City 1 <> Router/VPN in City 1 <> Router/VPN in City 2 <> Client in City 2

We are using a Fortigate 60B in both cities.
0
Comment
Question by:FusionBeyond
7 Comments
 
LVL 8

Expert Comment

by:SylvainDrapeau
ID: 33471435
Hello !

look at this document, it explains common problems with VPNs and specifically name resolution problems at the begining : http://www.isaserver.org/img/upl/vpnkitbeta2/dnsvpn.htm

It is related to ISA Server but the basis is the same for all VPNs and I'm sure you will find the solution to your problem.

Syldra
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33472313
How do you assign IP adresses for VPN clients (DHCP or Static pool) ?
0
 

Author Comment

by:FusionBeyond
ID: 33472935
VPN clients are given IP addresses from a specified range.

@SylvainDrapeau, the document you suggested is informative but too general for what I need.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 2

Expert Comment

by:alro613
ID: 33474978
What i generally do is set the remote clients with HOST files listing all internal dns that they need so that when they vpn, they can use UNC to get to where they need to go...

The main consideration i need is a seperate URL DNS A record for my exchange server for them to use when they are outside of the office and using OWA.

But for BIGGER enterprises that could be a lot of entries to type out... it's quick and dirty, but effective.
0
 
LVL 4

Expert Comment

by:Allvirtual
ID: 33480915
This is a known VPN issue. If you are using NetBIOS you must make sure your VPN client supports NetBIOS over TCP and enable it. Otherwise straight DNS should work. However I have seen many cases where the IPsec assigned DNS settings were overwritten by the local client DNS settings and you had to specify the settings in the IPsec client to take precedence.
0
 
LVL 27

Accepted Solution

by:
Steve earned 500 total points
ID: 33502769
This is simply an issue that each server cannot perform DNS lookups for the other.

do the two domains share the same domain name?

If yes, set the DNS servers on each site to replicate the DNS entries from the other site so that it has a list of hostnames for each network.

If they do not share the same domain just set each server up as a secondary forward lookup zone for the other. each one can copy the others DNS and provide name resolution for each others site.
Alternatively, you can set a forwarder up in DNS to forward all requests for the other domain to the server via the VPN.
0
 

Author Closing Comment

by:FusionBeyond
ID: 33507985
The problem was that the clients computers were not using the DNS server provided by the Windows 2003 server on the other side of the VPN. After setting the secondary DNS server to point to the Windows Server in the remote router, and renewing the clients ip address, everything worked great.

Another thing for those reading this, if you intend to then add a client to a domain over VPN, be sure to enter the fully qualified domain (eg. DOMAINNAME.local)
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Auslogics BoostSpeed 9 software 5 60
Cisco ASA two factor VPN 3 51
Purpose of Azure Gateway Subnet when creating a VPN 3 62
cradle point vpn to sonicwall 5 48
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Learn about cloud computing and its benefits for small business owners.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now