Solved

VPN Win7/8 and Server 2008R2 client name resolution

Posted on 2013-11-11
7
818 Views
Last Modified: 2013-11-14
Hello,

I'm hoping that this is a simply fix (I'm sure that it is).  I have a Windows 2008 R2 domain/VPN server and have clients connect from home now and then.

When I connect from home I'm unable to access any internal resources via DNS.  I must enter the IP address of any server to access it (which is rather annoying).  I can ping and everything else works fine.. it' just seems to be internal DNS name resolution.

I'm sure that this is a DNS issue.. but wondering if anyone has come accross this in the past and how to resolve this under 2008 R2 and Win7/8?

Thank you and looking forward to your replies!

Jeremy
0
Comment
Question by:superITdude
  • 3
  • 3
7 Comments
 
LVL 4

Assisted Solution

by:FutureTechSysDOTcom
FutureTechSysDOTcom earned 50 total points
ID: 39639677
Yes!  Actually I have.

http://support.microsoft.com/kb/314108

Sample:

192.168.1.20      SERVERNAME #PRE #DOM:DOMAIN.COM
192.168.1.20      "DOMAIN.COM     \0x1b"
192.168.1.21      FILESERVER #PRE

The second line won't be a direct copy and paste for you... it has to be a specific number of characters long.

The solution will be totally on the workstation end of things.  It's easiest to create a working LMHOSTS file and then just copy it onto the workstations manually.

Hope this helps!
Regards,
Chris M.
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 200 total points
ID: 39639841
Alternatively, in the VPN virtual NIC configuration make sure DNS points only to your internal DNS server and under advanced TCP/IP IPV4 properties on the DNS tab add the domain suffix such as mydomain.local, in the use this suffix for this connection.  It is explained in detail in the following .  The link also points to another as to other options such as Host and LMHosts files
http://blog.lan-tech.ca/2011/05/14/vpn-client-name-resolution-2/
0
 

Author Comment

by:superITdude
ID: 39642457
Hello,

Thank you for the replies.  I know that the LMhost file would work, but sort of need something that can resolve names (as we have a good few machines... and this list changes now and then).  Thank you for the suggestion, however I need something a bit more dynamic.

RobWill:  Thank you.  This is exactly what I was looking for.  Is there anyway I can get our DHCP server to pass this information on automatically?  If so.. this would be the ideal solution!  Also.. if I have a mac.. do you know where I would enter this information?

Thank you again
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 77

Accepted Solution

by:
Rob Williams earned 200 total points
ID: 39642478
What are you using for a VPN server and client?  If using the Windows VPN client you can pre-package a deployable VPN client with all the options included using CMAK (Connection  Manager Administration Kit).   It may look daunting to some but just using most of the defaults you can do so very easily, but if you want to get 'fancy' you can add al sorts of customizations and restrictions, even your own logo.  The details are outlined in the following site:
http://blog.lan-tech.ca/tag/cmak/

Once done just send the "package" to the client, they double click on it and it installs.  No manual configuring of the VPN client.  It saves a lot of head aches and support calls.
0
 

Author Comment

by:superITdude
ID: 39647975
That's awesome.  RobWill: I didn't know that this tool existed.

Thank you!  You've all helped alot.

Cheers!
0
 

Author Comment

by:superITdude
ID: 39647995
RobWill: Sorry... we are going to be using the default Windows 7 VPN client along with SSTP.

Thank you

Jeremy
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39648198
CMAK should work well for you.
Thanks Jeremy and best of luck with the project.
--Rob
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now