Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


DNS across a VPN tunnel

Posted on 2014-03-25
Medium Priority
Last Modified: 2014-03-26
Dear Experts,
      My company has a production environment (domain name = and an office environment (domain name =   In the production environment, we have a set of Cisco ASA 5515 firewalls (managed by our datacenter) and at the office we have a set of Sonic Wall’s (managed by me).  I worked with the data center engineers to setup a site to site IKE tunnel between the sonic walls and I can now remote desktop and communicate with servers in the corp domain from the office domain and vice versa with no problems.  
      The problem is I can only access my servers on both sides by IP Address.  I realize there needs to be some form of DNS setup between the domains that I don’t fully understand.  I was able to setup a secondary zone on one of my office DNS servers that pulled down a copy of Corp.  I can now use a remote desktop session across the tunnel by using –   This works from the office to corp but not vice versa.  Do I need to do the same thing on the Corp side or is there just a better way to set all this up.
      Currently, all my servers are Microsoft Server 2012.

Would appreciate any and all help.
Question by:hexvader
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 16

Accepted Solution

Dirk Mare earned 2000 total points
ID: 39954077
Yes it will work if you create a secondary zone on the domain side. You can also setup DNS forwarders on the domain side to FW request to another DNS server.


Author Closing Comment

ID: 39957048
Since you were the only reply Ill give you the points.  I was aware this could be done and once I set it up it did work perfectly. I was just hoping for a better way.

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question