Link to home
Start Free TrialLog in
Avatar of itadminnek
itadminnekFlag for Afghanistan

asked on

VPN Tunnel and DNS Not Working Together?

We just connected two companies via VPN tunnel and we are trying to browse to each others server via the run command by doing: \\servername but it doesn't work. I tried adding the new DNS server's IP to the DNS list on the client's PC that I am trying to do this on and it still doesn't work. The only way I can get it to work is to type in the actual IP address and then it works...any ideas why I can just type in the server name?
Avatar of Brandon
Brandon
Flag of United States of America image

What router/device are you using?

i.e. sonicwall, cisco, etc.
Avatar of itadminnek

ASKER

Cisco...but I didn't setup the VPN tunnel nor do I know anything about it...out ISP set it up for us
itadminnek,

your netbios (computer names) routing is not enabled. While i could attach some how to links, I'm not a cisco expert and will let an expert help with that.

If you have support from your ISP you could ask them to enable the netbios routing over the vpn tunnel. shouldn't take to long.

Good luck and sorry I do not have the expertise to help you.
I talked to my ISP and they say that there is nothing close...Netbios is enabled...but they came back and said that I need a WINS server to able to make this functional...does that make sense and how would I create a WINS server?
SOLUTION
Avatar of Qlemo
Qlemo
Flag of Germany image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Couldn't I just add the DNS IP address from the other company to my DNS forwarder list and it should be able to resolve then?
No, that does not make sense at all. I do not think they know what they are talking about. As long as you have DNS running correctly on the internal network, name resolution should work just fine across the vpn. I'm sure a cisco routing expert can help but it will require you to go into the configuration.
How do you setup a WINS server?
Or are there any other options that you guys can think of?
Okay so I tried to Add a Role on my 2008 Windows Server but WINS is not an option to add...any ideas why?
It is not a role but a feature.
DNS forwarding works if you use the full DNS name, not the NetBIOS name. A UNC path would then be:
   \\server.at.other.site\share
and the forwarder needs to be configured to forward .at.other.site requests.
So after I install the WINS feature on my server...Do I need to configure it or should it just start collecting information? Is installing the WINS feature going to mess up the DNS?
If you distribute the WINS server IP with DHCP, it should auto-populate very quickly. Else it relies on listening to NetBIOS broadcasts (IIRC).

I recommend to add WINS Forward Lookup to your internal DNS zone entry (Properties » WINS, check "WINS Forward Lookup" and enter the WINS server IP).
That way DNS is asking WINS, if nothing can be found.

And no, WINS does not interfere with DNS. Internally there is no difference for names, and else you use fully qualified domain names anyway.
Hi Qlemo,

I am new at the so maybe I don't understand but I added the WINS to the zone like you said and nothing is populating in WINS...am I doing something wrong?

Please advise!
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I tried changing the 046 Type to h-node but it wouldn't accept it...I currently have the WINS set for the IP address on DHCP but can't change the Node Type. It errors out and says "Enter a valid integer from 0 to 255 or 0 to 0xff"

Any ideas?
0x8 is H-Node. The description of the option should tell which integer corresponds to each node type.
However, that node type is not that important. It will only make sure DNS is asked first, and usually speed up name queries that way - at least with older OS, IIRC XP and above ask DNS first anyway.
Okay...I set those up and did a IP renew but there is still nothing showing up in the WINS screen...where should I be seeing the entries? Active Registrations?
Yes. You will have to search for something via the context menu - best for owner, then "All owners".
Okay I got it populated...would anything else have to be done or should I be able ping via computer name on the other side of the tunnel
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Got it! Thanks!
Its still not working kind of...it works on my side but not on their side. I changed my DNS to point to their WINS, I changed my DCHP server options to look at their WINS server and my side does work. Our DNS names and not showing up in their WINS though...and when I try adding the WINS server from our side it errors out and says "Access is denied." Am I doing something wrong? Is the Replication Partners the way to go?

Let me know...thanks!
and when I try adding the WINS server from our side it errors out and says "Access is denied."
Can you describe the steps you take for that?

But anyway, use one WINS server as the "master", and set up another one for replication. You can then put into DNS the local WINS server, to speed up name queries.
There is an option in the WINS window to Add another WINS server, so I added theirs and double clicked on it but it comes back with that error.

The other site already had a WINS server so I figured I would use theirs as the master and then I set up replication in their WINS to pull from our WINS but only a hand full of names showed up and even when I tried to ping those name I couldn't resolve them.

Any ideas? Am I missing something?
Did you set up each WINS server as replication partner in Push/Pull mode? That allows for faster notification about changes.

In the WINS window, adding a server allows to manage that server. It is not related to replication. You can't provide credentials, so your account needs to have admin access to the other server - if not, "Access is denied" is the result.
Okay that worked but now I am noticing that not all of my computer names are showing in our WINS thus not getting replicated...like all the server names are not showing up. The server name do exist in the our DNS though.

Any ideas?
Could it be because all the server has static IPs or doesn't that matter?
Yes...that's what it was...after I mapped the static IPs it works...thanks again for the help!
Machines having static IPs (and hence not using DHCP) need to have set up WINS manually in their NIC's TCP/IP settings, to allow them to register in WINS. Or you create static WINS entries yourself, as you have done.
So are you saying that if I add the WINS IP address to the static IP servers that they will show up in the WINS?
Positive.
I have a Redhat server that is static and I cant add the WINS server to it so I added it to the WINS manually but it still doesn't work on the other side...is that normal? Would it work because its Redhat or doesn't it matter?
If the Redhat server does not provide Samba services, no NetBIOS will be used (and needed). I'm not positive whether Redhat and WINS should work together, but if you add a static entry it should work IMHO - I might be wrong with that, though.