Solved

Remote desktop connection can't find computer...

Posted on 2010-09-07
26
512 Views
Last Modified: 2013-12-14
My users at a remote site are continually getting this error. Sometimes it goes away quickly while others it doesn't. They say they still have access to the network drives so i'm not sure what's going on. The sites are connected via VPN through a SonicWall firewall.


ts1-prob.png
0
Comment
Question by:SECC_IT
  • 9
  • 9
  • 4
  • +3
26 Comments
 
LVL 10

Expert Comment

by:jorlando66
ID: 33620799
try using the fully qualified domain name does that work? for example ts1.yourdomain.com
0
 
LVL 9

Expert Comment

by:TBK-Consulting
ID: 33620814
Typically DNS does not work thru VPN - try connecting using the actual ip address of the end computer you are trying to control.
0
 
LVL 33

Accepted Solution

by:
digitap earned 500 total points
ID: 33620824
If you access via IP, does the same error occur?  My guess is the local computer is caching the DNS name to an IP and the IP is changing.  How do you have DNS setup between the two sites?  This is a site to site between two sonicwall appliances, right?
0
 

Author Comment

by:SECC_IT
ID: 33620834
This is something that works fine with my other site. I'll ask that they try typing in the IP.
0
 

Author Comment

by:SECC_IT
ID: 33620852
digitap, the server is obviously a static IP. The SonicWall is the DNS server this site but the other site has a 2003 server for it's DNS.

Yes, site to site via SonicWall firewalls.
0
 
LVL 10

Expert Comment

by:jorlando66
ID: 33620867
DNS will work through vpn if it is set up properly.  
0
 

Author Comment

by:SECC_IT
ID: 33620889
Like I said, it still works... just randomly gets this error. It can get this error for half an hour and then be fine... could be five minutes then it's fine. Random.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33620906
I agree with jorlando66...DNS will work across a VPN...what you might consider is using the 2003 DNS server in place of the remote site's sonicwall as primary DNS.  Use the sonicwall as the secondary.  The only caveat to be aware of is the latency across the VPN.  If the 2003 DNS server responds too slowly, then the workstations will default to the secondary which is the sonicwall.  Shouldn't be a problem as this is what you are using now.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33620929
you might consider checking the log files and see if the sonicwall appliances are dropping the VPN.  Confirm speed/duplex setting (auto by default) on the WAN interface.  100MB/Full, 10MB/Half, etc.  You might also consider reviewing an article I wrote on properly configuring the MTU of the WAN interface.  If set incorrectly, can cause a sonicwall to drop packets preventing VPN connections from staying connected.http://www.experts-exchange.com/viewArticle.jsp?aid=3110
0
 

Author Comment

by:SECC_IT
ID: 33621018
I don't see any VPN tunnel connections dropped.

The MTU was one thing I was wondering about because it was affecting my main site. I'll look into all your suggestions and get back to you. Thanks.
0
 

Author Comment

by:SECC_IT
ID: 33626391
I corrected the MTU though it seems it wasn't far off. ISP has been switched since I've been here. Still pretty new to the company.

Typing in the actual IP address worked perfectly. Under Network --> Settings, the DNS servers are set to external DNS servers (the ones we use for our web hosting I believe). I had set the first one to our main site's DNS server. I just switched it back to the two external ones first and the internal DNS to last. I am a bit confused though as these are two completely different types of DNS servers. What is supposed to go where? There is also Dynamic DNS with nothing setup.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33626531
disregard dynamic dns as it doesn't apply to what you're currently working on.  look at the dhcp scope configuration for your internal hosts on the sonicwall.  what dns server ip is it handing out?  an internal or external one? if external, change it to the internal ip and remove all other entries.  if it's already internal, remove the external entries leaving only the internal ip.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33626536
do these workstations authenticate to the domain across the vpn?
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:SECC_IT
ID: 33626555
Okay, I made sure it's only the internal DNS server.

Yes, each site is authenticated through our main site.
0
 
LVL 2

Expert Comment

by:edwarneke
ID: 33626593
If you are only typing in the server name(ts1) and not the FQDN (ts1.mydomain.local) then you are using WINS(netbios) to resolve this name. If your WINS server is not configured correctly, you won't resolve the name and you will receive this error as it isn't using DNS. Try verifying your WINS configuration is correct, use the IP, or use the FQDN and that should fix your problem.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33626745
WINS won't resolve over the VPN without an IP Helper.  If you have clients authenticating to the domain, you really need a DC at this remote site.  Things would go a lot smoother for you.

Regarding the IP Helper, here's a sonicwall KB article that can help you configure that.

http://www.sonicwall.com/downloads/ip_helper.pdf
0
 

Author Comment

by:SECC_IT
ID: 33626773
Yes, I've been after them for a server at this site as well as a new backup server. Unfortunately I get nothing. Thanks for the link.
0
 

Author Comment

by:SECC_IT
ID: 33626789
Unfortunately IP Helper isn't an option with the SonicWall at this location. Thanks for the information to back up my statements of needing a server even further.
0
 
LVL 10

Expert Comment

by:jorlando66
ID: 33626812

Check your dns and make sure forwarders are set up to external dns sources.  No external dns server address should be handed out to client.  

Check netbios settings for the servers themselves.  
Under server's lan connection make sure register suffix is checked under dns
Make sure append primary and parent suffix is checked

under wins make sure enable netbios from dhcp is checked
0
 
LVL 2

Expert Comment

by:edwarneke
ID: 33628124
You could put the server information in the hosts file, but I personally hate hard coding IP information in case the server IP changes.

The hosts file is generally located at:
C:\Windows\System32\drivers\etc

Windows folder can change based on OS.

In there, you'd enter the server name(ts1) and then the IP it should map to. There is an example in the hosts file.
0
 
LVL 10

Expert Comment

by:jorlando66
ID: 33628339
WINS isnt routable.  You would need the helper, but check the dns settings none the less.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33630275
IP Helper may not be a part of the standard OS on the sonicwall.  I think you have enough information here to "patch" your current issue.  Obviously, as you already know, a local domain controller is the obvious long term solution.

Solutions by the other experts:

- Hosts file entries.  http:#a33628124
- FQDN http:#a33620799
- Manually configured suffix http:#a33626812
- Primary DNS being the remote, internal DNS server http:#a33620906
0
 
LVL 3

Expert Comment

by:PlugThatInWhere
ID: 33648202
Lets get more Information:
When the user is not able to reach the TS1 server have them go to DOS and PING TS1 .  My guess is they are not able to resolve it (the Public DNS server has no idea who TS1 is) or they get an incorrect IP (your ISP will provide a Search Server IP to redirect you to, some ISPs do this)

I would look at the config of the Sonicwall.  
You will need to configure the DHCP settings to pass out your AD DNS server IPs to the clients, not the IP of the Sonicwall.  This will make sure they are able to Resolve the correct IP, but will require your VPN to be up in order to broswe the internet.

If your Sonicwall happens to have an AD DNS server defined in it its local config [or you are passing out both an ISP DNS and an AD DNS to the clients] (which would explain why it sometimes works), then you could just make sure that it Only has AD DNS servers defined in it (either in the Firewall system setting or the DHCP server settings).  I would not think Sonicwall would use a DNS server over a VPN tunnel, but it could happen.

David
0
 
LVL 33

Expert Comment

by:digitap
ID: 33676586
thanks for the points!
0
 

Author Comment

by:SECC_IT
ID: 33681069
I'm just going to have them use the IP until I can get a server there. This further weighs in on my side in argument that we need one. Thanks for all the replies.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33683254
Your welcome!  Hope you win your server!
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Problem to be resolved in this article Currently, development of website and web application can be done without writing thousands of lines of programming code by hand. Description This can be done through by using a open source framework such …
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to count occurrences of each item in an array.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now