Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

VPN connections causing DNS issues for local domain.

Posted on 2010-08-25
9
Medium Priority
?
915 Views
Last Modified: 2012-08-14
We are having an issue where a user who sits on a 10.1.1.1 network makes a VPN connection to a 192.x.x.x net work and then it registers the 192.x.x.x in the local 10.1.1.1 DNS server causing issues.  How can I prevent the user from registering a 192.x.x.x address on our DNS server that should only have 10.x.x.x entries?  It there a way to prevent the VPN connection from registering with DNS?
0
Comment
Question by:WyleHou
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 4

Expert Comment

by:alexmclv
ID: 33523973
Is the user connecting from a Windows machine? If he/she is just connecting using Windows' built-in VPN client, you can modify the properties of the connection to prevent it from registering its DNS address by:

- Right-click the VPN connection and select Properties.
- Click the Networking tab.
- Select Internet Protocol (TCP/IP) and click the Properties button.
- Click the Advanced button.
- Click the DNS tab.
- UNCHECK the "Register this connection's addresses in DNS" checkbox.
- Click OK until you close out of all windows.
0
 
LVL 4

Accepted Solution

by:
Dave773 earned 2000 total points
ID: 33523985
Under the network adapter TCP/IP settings for the VPN client, you need to disable registration of the connection's address in DNS.

Untitled.png
0
 

Author Comment

by:WyleHou
ID: 33524188
The users are using a checkpoint VPN client.
0
Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

 
LVL 4

Expert Comment

by:Dave773
ID: 33524261
That's fine... the checkpoint client probably dynamically creates a "virtual" network adapter at the time of connection.
Do you use group policies in your network?
0
 
LVL 4

Expert Comment

by:Dave773
ID: 33524283
One option is to disable this setting in group policy... When your client PC gets his 10.x.x.x address from DHCP, the DHCP server should register that connection in DNS for the client and the PC setting becomes unnecessary.
The other option is to have the user connect to the VPN, then when the virtual adapter shows up, if its not already there, you can disable the setting at that time.
 
0
 

Author Comment

by:WyleHou
ID: 33525741
Yes, we do use group policies in our network.  Are you saying to disable the setting on all connections and then just let the DHCP server register the client with DNS?  If so do you know where in the GP setting is located?
0
 
LVL 4

Expert Comment

by:Dave773
ID: 33525803
I would just disable it in the vpn virtual adapter setting manually to start.
0
 

Author Comment

by:WyleHou
ID: 33525984
I just talked to the user and they were using the checkpoint but have now switched to a Juniper client and it does create a connection only when connected.  I had the user uncheck the setting when he was connected and then reconnect and the setting stayed.  I think this is going to fix the issue.
0
 
LVL 4

Expert Comment

by:Dave773
ID: 33526012
Nice. Let me know.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question