  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5182

How can I configure the default DNS suffix for a VPN connection

We have a Forefront TMG gateway which staff use to make a VPN connection to the office network. When on VPN, it is only possible to access computers on the network using the fully qualified domain name (FQDN) and not just the hostname. I notice that the DNS Suffix for the VPN connection on my computer is not defined. If I set it to our domain, I am able to access computers by hostname. Is there a way to configure the TMG server/DHCP server such that the DNS suffix is assigned for all VPN client connections?

Or, is there a way to configure our DNS server to automatically append our domain suffix for any non-FQDN requests?
0
Asked by jpguillebaud
1 Solution
 
blakogre Commented:
Are you using Microsoft DHCP?  It does not support a DNS suffix search order.  Check out:

http://support.microsoft.com/kb/275553

It's a registry setting, and the article provides these options:

Sample Regini script
Create a text file with the following two lines of text and save it as the Suffix.txt file. The following spacing must be exactly as shown, where adatum.xxx signifies a domain suffix. Up to six domain suffixes may be specified. The search order is left to right.
\Registry\Machine\System\CurrentControlSet\Services\TCPIP\Parameters
SearchList="testadatum.com,test2adatum.net,test3adatum.gov"
Copy the Regini.exe and Suffix.txt files to the preceding location and run the regini.exe suffix.txt command.

When the script has updated the registry, you must restart the computer for the settings to be updated.

To run the script you must have administrator or system-level access to the computer.

Note Another method is to use Microsoft Windows Script Host:
Create a file with the .vbs extension (for example, C:\add.vbs).
Add the following two lines to the file:

SET WSHShell = CreateObject("WScript.Shell")
WSHShell.RegWrite "HKLM\System\CurrentControlSet\Services\TCPIP\Parameters\SearchList", "testadatum.com,test2adatum.net,test3adatum.gov", "REG_SZ"

(the second line starts with "WSHShell.RegWrite" and ends with "REG_SZ")
Double-click the file to run or at a command prompt, type C:\add.vbs


0
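The registry change described in the comment above can be validated before it is written. This is an added example, not code from the post or the Microsoft article: the function names and the -ReportOnly switch are hypothetical, it assumes Windows PowerShell in an elevated session, and the suffixes in the usage line are the article's placeholder values.

```powershell
# Added example (not from the post or the KB article). Function names are hypothetical.
# Same key the Regini/VBS samples write to.
$TcpipParams = 'HKLM:\System\CurrentControlSet\Services\TCPIP\Parameters'

function Test-DnsSuffixList {
    param([string[]]$Suffix)
    # The quoted article allows up to six suffixes.
    if ($Suffix.Count -lt 1 -or $Suffix.Count -gt 6) {
        throw "Expected 1 to 6 suffixes, got $($Suffix.Count)."
    }
    # One DNS label: letters, digits, hyphen; no leading/trailing hyphen; 1-63 chars.
    $label   = '[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?'
    $pattern = '^' + $label + '(?:\.' + $label + ')*$'
    foreach ($s in $Suffix) {
        if ($s.Length -gt 253 -or $s -notmatch $pattern) {
            throw "Not a valid DNS suffix: '$s'"
        }
    }
    # Search order is left to right, so the caller's order is preserved.
    return ($Suffix -join ',')
}

function Set-DnsSuffixSearchList {
    param(
        [Parameter(Mandatory = $true)][string[]]$Suffix,
        [switch]$ReportOnly   # show the change without writing it
    )
    $new = Test-DnsSuffixList -Suffix $Suffix
    $current = (Get-ItemProperty -Path $TcpipParams -Name SearchList `
                    -ErrorAction SilentlyContinue).SearchList
    if ($current -eq $new) {
        Write-Output "SearchList already set to '$new'; nothing to do."
        return
    }
    Write-Output "Current SearchList: '$current'"
    Write-Output "New SearchList:     '$new'"
    if ($ReportOnly) { return }
    # REG_SZ, matching the type used in the VBS sample.
    New-ItemProperty -Path $TcpipParams -Name SearchList -Value $new `
        -PropertyType String -Force | Out-Null
    Write-Output 'Written. Restart the computer for the setting to take effect.'
}

# Usage, with the article's placeholder suffixes:
# Set-DnsSuffixSearchList -Suffix 'testadatum.com','test2adatum.net','test3adatum.gov' -ReportOnly
```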
 
arnold Commented:
There is no real need to manipulate the registry.
It all depends on what type of VPN connection is being set up.
If this is using PPTP/L2TP (or IPsec on Windows 7), you can, within the connection properties, define the remote LAN DNS servers as well as the search domain, which will only be in effect when the connection is established.

The other option is to configure the server to push the domain name and DNS records to the VPN client when the connection is established.
0
 
jpguillebaud (Author) Commented:
Thank you, your second idea worked.
0
 
SUSDSysAdm Commented:
RRAS Windows 2008 R2
I'm having the same issue with our MSFT VPN server.
I'm having to manually type in the DNS suffix to have clients work properly.
Where and what settings were needed in order to define the push DNS settings to clients connecting to the VPN server or device?
0
