FusionBeyond
asked on
Enable resolving of host names over VPN
We currently have a hardware vpn set up to another network and we can access all our severs there via local IP Address (eg. \\192.168.0.4). However, accessing by host name fails (eg. \\server). What settings should I configure on my router to enable this?
To give you guys an idea, the network looks like this:
Server in City 1 <> Router/VPN in City 1 <> Router/VPN in City 2 <> Client in City 2
We are using a Fortigate 60B in both cities.
To give you guys an idea, the network looks like this:
Server in City 1 <> Router/VPN in City 1 <> Router/VPN in City 2 <> Client in City 2
We are using a Fortigate 60B in both cities.
How do you assign IP adresses for VPN clients (DHCP or Static pool) ?
ASKER
VPN clients are given IP addresses from a specified range.
@SylvainDrapeau, the document you suggested is informative but too general for what I need.
@SylvainDrapeau, the document you suggested is informative but too general for what I need.
What i generally do is set the remote clients with HOST files listing all internal dns that they need so that when they vpn, they can use UNC to get to where they need to go...
The main consideration i need is a seperate URL DNS A record for my exchange server for them to use when they are outside of the office and using OWA.
But for BIGGER enterprises that could be a lot of entries to type out... it's quick and dirty, but effective.
The main consideration i need is a seperate URL DNS A record for my exchange server for them to use when they are outside of the office and using OWA.
But for BIGGER enterprises that could be a lot of entries to type out... it's quick and dirty, but effective.
This is a known VPN issue. If you are using NetBIOS you must make sure your VPN client supports NetBIOS over TCP and enable it. Otherwise straight DNS should work. However I have seen many cases where the IPsec assigned DNS settings were overwritten by the local client DNS settings and you had to specify the settings in the IPsec client to take precedence.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The problem was that the clients computers were not using the DNS server provided by the Windows 2003 server on the other side of the VPN. After setting the secondary DNS server to point to the Windows Server in the remote router, and renewing the clients ip address, everything worked great.
Another thing for those reading this, if you intend to then add a client to a domain over VPN, be sure to enter the fully qualified domain (eg. DOMAINNAME.local)
Another thing for those reading this, if you intend to then add a client to a domain over VPN, be sure to enter the fully qualified domain (eg. DOMAINNAME.local)
look at this document, it explains common problems with VPNs and specifically name resolution problems at the begining : http://www.isaserver.org/img/upl/vpnkitbeta2/dnsvpn.htm
It is related to ISA Server but the basis is the same for all VPNs and I'm sure you will find the solution to your problem.
Syldra