VPN Clients and DNS

Posted on 2014-03-26
Last Modified: 2014-05-29
I have a strange issue with my remote clients (those that don't have a local DHCP/DNS server) that are getting duplicate records in DNS.
Here is a post that is related: http://www.experts-exchange.com/Networking/Protocols/DNS/Q_28390927.html

Ideas how to stop the duplicates?

Thanks
Question by:CHI-LTD
11 Comments
 
LVL 3

Accepted Solution

by:
Guillermo Feijóo earned 2000 total points
ID: 39959452
How is the DNS zone on the DNS servers configured to update records?
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39959471
Not sure I follow you?
0
 
LVL 3

Expert Comment

by:Guillermo Feijóo
ID: 39959544
OK.

I've been reading the link you provided. Which DNS record update policy are you actually using? If there are duplicated records for the same hostname with different IPs, there is obviously an obsolete PTR record that should be manually removed (the one that points to the wrong IP). To find the problem, we first need to know how the DNS zone is configured to update records.

In your other related post on Experts Exchange, you've been prompted to run "Dnscmd /Config /OpenACLOnProxyUpdates 0" on a WS2008.
If you are using secure-only updates, the DHCP server that owns the scope where you have wrong PTR records is a 2008 and you haven't run the command, you should remove the wrong record, run the command and keep an eye on the PTR records for the DNS zone, to check if the command works.
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39959564
All my DHCP servers are dynamically set.

I have also run that command on all DHCP/DNS servers (also DCs) and rebooted DHCP.

I will delete another one of the records and update results here.

PS - the machines that are consistently duplicating are remote machines over a VPN connection, with IPs distributed by the firewall. No real involvement from DNS or DHCP.

Just wondering if we actually need to have the reverse lookup zone for these remote users?
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39959570
We did have WINS enabled at one point on the servers.
0
 
LVL 3

Expert Comment

by:Guillermo Feijóo
ID: 39961109
So the problem is solved?
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 39961275
No, same.
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 40049880
Same problem.
Narrowed down to DNS not updating the remote clients @ 10.255 range on the DNS servers, and these clients still referencing an IP address in DNS that is LAN-based, e.g. a 192.168 or 172.19 IP.
Also, we think NAT could be an issue now.
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 40049885
Proved by manually deleting the DNS record of the client pointing to the 192 LAN IP and then reconnecting on the VPN, which then shows the correct 10.255 IP in the correct zone in DNS. I can then ping servers over the branch VPN to other servers.
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 40058736
Going to change the scavenging back to defaults.
0
 
LVL 1

Author Closing Comment

by:CHI-LTD
ID: 40098298
Nailed down the zones to refresh after hours, which then cleared up the old DNS records.

Still doesn't help clear old LAN records/computers...
0
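
The two symptoms discussed in this thread (a hostname holding A records in both the LAN and the VPN range, and a PTR record that no longer matches any A record for its host), as an added audit sketch that is not part of the original posts. The "owner TYPE data" record format, the /16 prefixes and the `corp.example` names are assumptions, and the sample records are constructed.

```python
import ipaddress
from collections import defaultdict

# Assumed prefixes: the thread only says "10.255" (VPN) and "192.168"/"172.19" (LAN).
VPN_NETS = [ipaddress.ip_network("10.255.0.0/16")]
LAN_NETS = [ipaddress.ip_network("192.168.0.0/16"),
            ipaddress.ip_network("172.19.0.0/16")]

# Constructed sample records, one "owner TYPE data" per line (not real data).
SAMPLE = """\
laptop01 A 192.168.10.45
laptop01 A 10.255.0.12
laptop02 A 10.255.0.13
desktop07 A 172.19.4.20
45.10.168.192.in-addr.arpa PTR laptop01.corp.example.
12.0.255.10.in-addr.arpa PTR laptop01.corp.example.
20.4.19.172.in-addr.arpa PTR laptop02.corp.example.
"""

def site(ip):
    """Classify an address as 'vpn', 'lan' or 'other'."""
    if any(ip in net for net in VPN_NETS):
        return "vpn"
    return "lan" if any(ip in net for net in LAN_NETS) else "other"

def parse(text):
    """Return ({host: {A addresses}}, {PTR address: short host name})."""
    a_recs, ptr_recs = defaultdict(set), {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip anything that is not "owner TYPE data"
        owner, rtype, data = parts[0].lower(), parts[1].upper(), parts[2]
        if rtype == "A":
            a_recs[owner].add(ipaddress.ip_address(data))
        elif rtype == "PTR" and owner.endswith(".in-addr.arpa"):
            octets = owner[:-len(".in-addr.arpa")].split(".")
            ip = ipaddress.ip_address(".".join(reversed(octets)))
            # Assumption: the first label of the PTR target is the A owner name.
            ptr_recs[ip] = data.rstrip(".").split(".")[0].lower()
    return a_recs, ptr_recs

def audit(text):
    a, ptr = parse(text)
    dup = {h: sorted(map(str, ips)) for h, ips in a.items() if len(ips) > 1}
    mixed = sorted(h for h, ips in a.items()
                   if {"vpn", "lan"} <= {site(i) for i in ips})
    stale = sorted(str(ip) for ip, h in ptr.items() if ip not in a.get(h, set()))
    return {"duplicate_a": dup, "lan_and_vpn": mixed, "ptr_without_a": stale}

if __name__ == "__main__":
    print(audit(SAMPLE))
```

The report only flags candidates; which of two A records is the obsolete one still depends on where the client is currently connected.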
