sedberg1
asked on
VPN and DNS Issue with Server 2008
I have this issue with VPN clients. They are using a 2008 R2 x64 as their RRAS server, 192.168.18.2, hostname = server1.domain.local. The RRAS server is handing out from a static pool, 192.168.18.121-160. The DHCP server (same server) is handing out 192.168.18.60-120. The scope options are router = 18.1, DNS=18.2, and DNS suffix is domain.local. The DNS server (same server) is using two public DNS servers from the ISP as its forwarders.
When I connect to the network via VPN, I have no problem accessing anything inside their network by IP, but by hostname, this is what happens.
Pinging server1 = resolves to public IP that I don't even recognize and is NOT the public IP of this network
Pinging server1.domain.local = resolves to internal IP
Nslookup server1 = resolves to same random IP
Nslookup server1.domain.local = resolves to internal IP
I have run into this problem VPN'ing from several networks so there is something that the server is misconfigured with rather than the remote locations that I am VPN'ing from. Any suggestions?
When I connect to the network via VPN, I have no problem accessing anything inside their network by IP, but by hostname, this is what happens.
Pinging server1 = resolves to public IP that I don't even recognize and is NOT the public IP of this network
Pinging server1.domain.local = resolves to internal IP
Nslookup server1 = resolves to same random IP
Nslookup server1.domain.local = resolves to internal IP
I have run into this problem VPN'ing from several networks so there is something that the server is misconfigured with rather than the remote locations that I am VPN'ing from. Any suggestions?
chakko
Add a WINS service to your Server if you don't have one and configure the RRAS with a scope setting to assign WINS server address to the VPN clients.
ASKER
I'd prefer not to get WINS involved. There's a reason MS is phasing it out.
ASKER
That also doesn't answer why pinging just the hostname resolves to some unknown public IP.
if you just ping by NAME that is a NETBIOS name, WINS is for NETBIOS names.
if you just ping SERVER1 then the reply is a foreign IP, but was is the full ping response.
It probably has SERVER1.somedomain.com in the reponse.
So somewhere it is creating a FQDN. I don't know where.
If you don't want to use WINS (no reason to not use it) then your alternative is configuring entries in HOSTS or LMOSTS files on the workstations.
The WINS setting is there in the RRAS and DCHP if you want to use NETBIOS names.
if you just ping SERVER1 then the reply is a foreign IP, but was is the full ping response.
It probably has SERVER1.somedomain.com in the reponse.
So somewhere it is creating a FQDN. I don't know where.
If you don't want to use WINS (no reason to not use it) then your alternative is configuring entries in HOSTS or LMOSTS files on the workstations.
The WINS setting is there in the RRAS and DCHP if you want to use NETBIOS names.
If you do try out WINS then you need to put the WINS setting in your servers TCP/IP settings also so that they register and create the records in the WINS service. Or you can put Static entries inside of WINS for your server IP addresses.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.