Solved

How can I configure the default DNS suffix for a VPN connection

Posted on 2011-03-01
4
4,058 Views
Last Modified: 2012-05-11
We have a Forefront TMG gateway which staff use to make a VPN connection to the office network. When on VPN, it is only possible to access computers on the network using the fully qualified domain name (FQDN) and not just the hostname. I notice that the DNS Suffix for the VPN connection on my computer is not defined. If I set it to our domain, I am able to access computers by hostname. Is there a way to configure the TMG server/DHCP server such that the DNS suffix is assigned for all VPN client connections?

Or, is there a way to configure our DNS server to automatically append our domain suffix for any non-FQDN requests?
0
Comment
Question by:jpguillebaud
4 Comments
 
LVL 9

Expert Comment

by:blakogre
ID: 35010679
Are you using Microsoft DHCP?  It does not support a DNS suffix search order.  Check out:

http://support.microsoft.com/kb/275553

It's a registry setting, and the article provides these options:

Sample Regini script
Create a text file with the following two lines of text and save it as the Suffix.txt file. The following spacing must be exactly as shown, where adatum.xxx signifies a domain suffix. Up to six domain suffixes may be specified. The search order is left to right.
\Registry\Machine\System\CurrentControlSet\Services\TCPIP\Parameters
SearchList="testadatum.com,test2adatum.net,test3adatum.gov"
Copy the Regini.exe and Suffix.txt files to the preceding location and run the regini.exe suffix.txt command.

When the script has updated the registry, you must restart the computer for the settings to be updated.

To run the script you must have administrator or system-level access to the computer.

Note Another method is to use Microsoft Windows Script Host:
Create a file with the .vbs extension (for example, C:\add.vbs).
Add the following two lines to the file:

SET WSHShell = CreateObject("WScript.Shell")
WSHShell.RegWrite "HKLM\System\CurrentControlSet\Services\TCPIP\Parameters\SearchList", "testadatum.com,test2adatum.net,test3adatum.gov", "REG_SZ"

(the second line starts with "WSHShell.RegWrite" and ends with "REG_SZ")
Double-click the file to run or at a command prompt, type C:\add.vbs


0
 
LVL 78

Accepted Solution

by:
arnold earned 125 total points
ID: 35011302
There is no real need to maniulate the resitry.
It all depends on what type of VPN connection is being setup.
If this is using a PPTP/L2TP or (ipsec on windows 7), you can within the connection properties define the remote LAN DNS servers as well as search domain which will only be in effect when the connection is established.

The other option on the server to configure the push of the domain name, and DNS records to the VPN client when the connection is established.
0
 

Author Closing Comment

by:jpguillebaud
ID: 35012184
Thank you, your second idea worked.
0
 

Expert Comment

by:SUSDSysAdm
ID: 36146635
RRAS Windows 2008 R2
I'm  having the same issue with our MSFT VPN sever.
I'm having to manulaly type in the DNS suffix to have clients work properly.
Where and what settings were needed in order to define the push DNS settings to clients connecting to the VPN server or device?
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question