VPN Tunnel and DNS Not Working Together?

We just connected two companies via a VPN tunnel and we are trying to browse to each other's server via the Run command by doing: \\servername but it doesn't work. I tried adding the new DNS server's IP to the DNS list on the client's PC that I am trying to do this on and it still doesn't work. The only way I can get it to work is to type in the actual IP address and then it works...any ideas why I can't just type in the server name?
itadminnek Asked:
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
It should work now, as long as either the DNS or the WINS server of this site is asked for name resolution.

But: Reading your question again, you are trying to get access from both sites? Then you will have to set up a single WINS server only, which is responsible for both sites. Creating a secondary WINS server on the other site (doing replication) is an option, and if set up to be asked by the other site might speed up name resolution.
The important point is that BOTH sites are collected into one WINS server, and there are no name collisions.
0
 
Brandon (Project Manager, IT Systems and Software Design) Commented:
What router/device are you using?

i.e. sonicwall, cisco, etc.
0
 
itadminnek (Author) Commented:
Cisco...but I didn't set up the VPN tunnel nor do I know anything about it...our ISP set it up for us
0
 
Brandon (Project Manager, IT Systems and Software Design) Commented:
itadminnek,

Your NetBIOS (computer names) routing is not enabled. While I could attach some how-to links, I'm not a Cisco expert and will let an expert help with that.

If you have support from your ISP you could ask them to enable the NetBIOS routing over the VPN tunnel. Shouldn't take too long.

Good luck and sorry I do not have the expertise to help you.
0
 
itadminnek (Author) Commented:
I talked to my ISP and they say that there is nothing close...NetBIOS is enabled...but they came back and said that I need a WINS server to be able to make this functional...does that make sense and how would I create a WINS server?
0
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
It makes sense. WINS servers remove the need for relying on NetBIOS broadcasts, which do not work over routers (without additional features on the router).
Just install WINS on a server on each site. WINS will then collect all machines in the network it runs.
Then you'll have to provide each other's WINS server on ANY client (or distribute it with DHCP), so they can use it.

The reason why adding another DNS server does not help is simple: Only the first DNS server is queried. Only if it does not reply, which means it is not reachable, will other DNS servers be asked. Hence you will always have only a single active DNS server.

If you have your own DNS server locally, e.g. on a Windows Server machine, you can add static entries for the remote machine names there. Instead you can add IP addresses and hostnames into %SystemRoot%\system32\etc\drivers\lmhosts (again on each client).
0
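What a client's unicast name query to one specific WINS server looks like on the wire (an RFC 1002 NB query on UDP 137), as an added example that is not part of the original thread. It lets you check from either side of the tunnel whether a given WINS server holds a registration for a name; the server name FILESRV1, the address 10.2.0.15 and the sample reply are constructed for illustration.

```python
import os
import socket
import struct

NB, IN = 0x0020, 0x0001                      # QTYPE "NB", QCLASS "IN" (RFC 1002)
NODE_TYPES = {0: "B-node", 1: "P-node", 2: "M-node", 3: "H-node"}

def encode_name(name, suffix=0x20):
    """First-level encoding: 15 space-padded chars + suffix byte, one letter per nibble."""
    raw = name.upper().ljust(15)[:15].encode("ascii") + bytes([suffix])
    half = bytes(0x41 + n for b in raw for n in (b >> 4, b & 0x0F))
    return b"\x20" + half + b"\x00"          # length 32, empty scope

def build_query(name, txid, suffix=0x20):
    # Flags 0x0100: query, recursion desired, broadcast bit clear (unicast to WINS).
    return struct.pack(">6H", txid, 0x0100, 1, 0, 0, 0) + encode_name(name, suffix) \
        + struct.pack(">HH", NB, IN)

def parse_response(data, txid):
    """Return [(ip, node_type, is_group)]; an empty list means WINS has no record."""
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack(">6H", data[:12])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a response to this query")
    if flags & 0x000F or ancount == 0:       # RCODE 3 = name not registered
        return []
    off = 14 if data[12] & 0xC0 == 0xC0 else 12 + 34   # pointer or full name
    rtype, _cls, _ttl, rdlen = struct.unpack(">HHIH", data[off:off + 10])
    if rtype != NB:
        return []
    records = []
    for i in range(off + 10, off + 10 + rdlen, 6):      # 2 flag bytes + IPv4 each
        nb_flags, addr = struct.unpack(">H4s", data[i:i + 6])
        records.append((socket.inet_ntoa(addr), NODE_TYPES[(nb_flags >> 13) & 3],
                        bool(nb_flags & 0x8000)))
    return records

def query_wins(server, name, suffix=0x20, timeout=3.0):
    """Ask one specific WINS server (UDP 137) for a name; 0x20 = file server service."""
    txid = int.from_bytes(os.urandom(2), "big")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, txid, suffix), (server, 137))
        return parse_response(s.recvfrom(576)[0], txid)

# Constructed sample reply (not captured traffic): FILESRV1 registered at 10.2.0.15 by an H-node.
SAMPLE_TXID = 0x1234
SAMPLE_REPLY = (struct.pack(">6H", SAMPLE_TXID, 0x8580, 0, 1, 0, 0) + encode_name("FILESRV1")
                + struct.pack(">HHIH", NB, IN, 300, 6)
                + struct.pack(">H4s", 0x6000, socket.inet_aton("10.2.0.15")))

if __name__ == "__main__":
    print(parse_response(SAMPLE_REPLY, SAMPLE_TXID))
```

Calling `query_wins()` against each site's WINS server in turn shows which one is missing the registration; a timeout instead of an empty list points at the tunnel or a firewall dropping UDP 137 rather than at WINS itself.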
 
itadminnek (Author) Commented:
Couldn't I just add the DNS IP address from the other company to my DNS forwarder list and it should be able to resolve then?
0
 
Brandon (Project Manager, IT Systems and Software Design) Commented:
No, that does not make sense at all. I do not think they know what they are talking about. As long as you have DNS running correctly on the internal network, name resolution should work just fine across the VPN. I'm sure a Cisco routing expert can help but it will require you to go into the configuration.
0
 
itadminnek (Author) Commented:
How do you set up a WINS server?
0
 
itadminnek (Author) Commented:
Or are there any other options that you guys can think of?
0
 
itadminnek (Author) Commented:
Okay so I tried to Add a Role on my 2008 Windows Server but WINS is not an option to add...any ideas why?
0
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
It is not a role but a feature.
DNS forwarding works if you use the full DNS name, not the NetBIOS name. A UNC path would then be:
   \\server.at.other.site\share
and the forwarder needs to be configured to forward .at.other.site requests.
0
 
itadminnek (Author) Commented:
So after I install the WINS feature on my server...Do I need to configure it or should it just start collecting information? Is installing the WINS feature going to mess up the DNS?
0
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
If you distribute the WINS server IP with DHCP, it should auto-populate very quickly. Else it relies on listening to NetBIOS broadcasts (IIRC).

I recommend adding WINS Forward Lookup to your internal DNS zone entry (Properties » WINS, check "WINS Forward Lookup" and enter the WINS server IP).
That way DNS is asking WINS, if nothing can be found.

And no, WINS does not interfere with DNS. Internally there is no difference for names, and else you use fully qualified domain names anyway.
0
 
itadminnek (Author) Commented:
Hi Qlemo,

I am new at this so maybe I don't understand but I added the WINS to the zone like you said and nothing is populating in WINS...am I doing something wrong?

Please advise!
0
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
Reread some doc, and it seems that WINS is populated and maintained only if each client to register knows of the WINS server, that is:
You need to set the WINS server address up on each (local) client and server you want to reach, if you have static IP addresses (no DHCP).
With DHCP, set the WINS Server option, and option 046 WINS/NBT Node Type to h-node, in the DHCP Scope settings. If you then force taking over DHCP options with  ipconfig /renew  on a client, that client should be visible in WINS (and hence resolved), else you will have to wait for next automated renewal, which can last several days.
0
 
itadminnek (Author) Commented:
I tried changing the 046 Type to h-node but it wouldn't accept it...I currently have the WINS set for the IP address on DHCP but can't change the Node Type. It errors out and says "Enter a valid integer from 0 to 255 or 0 to 0xff"

Any ideas?
0
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
0x8 is H-Node. The description of the option should tell which integer corresponds to each node type.
However, that node type is not that important. It will only make sure DNS is asked first, and usually speed up name queries that way - at least with older OS, IIRC XP and above ask DNS first anyway.
0
 
itadminnek (Author) Commented:
Okay...I set those up and did an IP renew but there is still nothing showing up in the WINS screen...where should I be seeing the entries? Active Registrations?
0
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
Yes. You will have to search for something via the context menu - best for owner, then "All owners".
0
 
itadminnek (Author) Commented:
Okay I got it populated...would anything else have to be done or should I be able to ping via computer name on the other side of the tunnel?
0
 
itadminnek (Author) Commented:
Got it! Thanks!
0
 
itadminnek (Author) Commented:
It's still not working kind of...it works on my side but not on their side. I changed my DNS to point to their WINS, I changed my DHCP server options to look at their WINS server and my side does work. Our DNS names are not showing up in their WINS though...and when I try adding the WINS server from our side it errors out and says "Access is denied." Am I doing something wrong? Is the Replication Partners the way to go?

Let me know...thanks!
0
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
> and when I try adding the WINS server from our side it errors out and says "Access is denied."
Can you describe the steps you take for that?

But anyway, use one WINS server as the "master", and set up another one for replication. You can then put into DNS the local WINS server, to speed up name queries.
0
 
itadminnek (Author) Commented:
There is an option in the WINS window to Add another WINS server, so I added theirs and double clicked on it but it comes back with that error.

The other site already had a WINS server so I figured I would use theirs as the master and then I set up replication in their WINS to pull from our WINS but only a handful of names showed up and even when I tried to ping those names I couldn't resolve them.

Any ideas? Am I missing something?
0
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
Did you set up each WINS server as replication partner in Push/Pull mode? That allows for faster notification about changes.

In the WINS window, adding a server allows you to manage that server. It is not related to replication. You can't provide credentials, so your account needs to have admin access to the other server - if not, "Access is denied" is the result.
0
 
itadminnek (Author) Commented:
Okay that worked but now I am noticing that not all of my computer names are showing in our WINS thus not getting replicated...like all the server names are not showing up. The server names do exist in our DNS though.

Any ideas?
0
 
itadminnek (Author) Commented:
Could it be because all the servers have static IPs or doesn't that matter?
0
 
itadminnek (Author) Commented:
Yes...that's what it was...after I mapped the static IPs it works...thanks again for the help!
0
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
Machines having static IPs (and hence not using DHCP) need to have WINS set up manually in their NIC's TCP/IP settings, to allow them to register in WINS. Or you create static WINS entries yourself, as you have done.
0
 
itadminnek (Author) Commented:
So are you saying that if I add the WINS IP address to the static IP servers that they will show up in the WINS?
0
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
Positive.
0
 
itadminnek (Author) Commented:
I have a Redhat server that is static and I can't add the WINS server to it so I added it to the WINS manually but it still doesn't work on the other side...is that normal? Would it work because it's Redhat or doesn't it matter?
0
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
If the Redhat server does not provide Samba services, no NetBIOS will be used (and needed). I'm not positive whether Redhat and WINS should work together, but if you add a static entry it should work IMHO - I might be wrong with that, though.
0
Question has a verified solution.