Declan Basile asked:

Registering a Computer on DNS of another subnet

We have a Fortigate 101E Security Appliance.  Port 1 is connected to a LAN with a DHCP Server running on a Windows Server 2008 R2 computer.  The DHCP server hands out addresses from a 192.168.0.0/16 subnet.  Port 10 is configured with a DHCP Server enabled that hands out an address from a 172.16.0.0/16 subnet to a laptop connected to that port.  There are static routes and IPv4 policies entered so we can successfully be on one subnet and ping an address on the other subnet.  However, there is no name resolution yet.  The DHCP server enabled on port 10 is handing out the address of the DNS server on the other subnet (192.168.0.0/16) but when the laptop gets handed a 172.16.X.X address (and the address of the DNS server 192.168.X.X) that address is not registering on the DNS server of the 192.168.0.0 subnet.  How can I get addresses on the 172.168.0.0 network to register on the DNS server of the 192.168.0.0 network?
Brian B

You will have to create a new lookup zone and put a new A record with the appropriate address. That will of course not work for a system that gets moved between zones.
ASKER

Under Forward Lookup Zones there's a folder with our domain's fully qualified name.  Can addresses from a different subnet be registered in this folder?
Yes, that's what it's for. Since you already have the required new zone there you can use that.
Is there a way to have the client register its address with the DNS server on the other subnet when the client is given an address from its DHCP server or do I have to enter the address in manually?  Note: The DHCP server gives the client the address of the DNS server on the other subnet when it gives the client an ip address to use.
ASKER CERTIFIED SOLUTION
Brian B
Is the host unauthorized because our primary (original) DHCP server isn't handing out the addresses to the new subnet, or because the address of the host is on a different subnet, or for some other reason?
It isn't on the domain with an address range where the DNS server is registered.
So to recap, the computer is on the domain but not on the DNS's subnet.  Name to IP resolution worked after I manually entered the "A" record into the correct Forward Lookup folder in the DNS Server.  I also made a reservation for the computer to always be given that address by the DHCP server.  Is there any way that you know of to have computers on this new subnet automatically register with the DNS server?  If not I'll add all the computers in manually.  Thanks.
That's the correct approach. There isn't an automatic way to set that up for new computers per se, but you can probably script it. Now that you know what to do, I'd probably ask that as a new question. If you want help, that is.
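One way to script the manual A-record step discussed above, as an added example that is not part of the original thread. It uses `dnscmd.exe` from the Windows DNS Server tools; the server name, zone name and host list are constructed placeholders, and entries that are not a plain hostname with an address in 172.16.0.0/16 are skipped rather than passed to the command line.

```powershell
# Added example: bulk-create A records for reserved hosts on the 172.16.0.0/16 subnet.
# Placeholders (assumptions, not from the thread): DNS server name, zone name, host list.
$DnsServer = 'dns01.example.local'   # DNS server on the 192.168.0.0/16 subnet
$Zone      = 'example.local'         # the domain's existing forward lookup zone
$Apply     = $false                  # $false = dry run, only print the commands

# Constructed sample data: one "hostname,ip" line per DHCP reservation.
$Reservations = @'
laptop01,172.16.0.50
laptop02,172.16.0.51
bad host,172.16.0.52
laptop03,192.168.5.9
'@ -split "`r?`n"

# A single DNS label: letters, digits, hyphens; no leading or trailing hyphen.
$HostPattern = '^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$'

# True only for a full dotted-quad address inside 172.16.0.0/16.
function Test-InNewSubnet([string]$Ip) {
    if ($Ip -match '^172\.16\.(\d{1,3})\.(\d{1,3})$') {
        return ([int]$Matches[1] -le 255 -and [int]$Matches[2] -le 255)
    }
    return $false
}

foreach ($line in $Reservations) {
    if ([string]::IsNullOrEmpty($line.Trim())) { continue }
    $name, $ip = $line.Split(',') | ForEach-Object { $_.Trim() }

    # Reject anything that is not a clean label plus an in-range address.
    if ($name -notmatch $HostPattern -or -not (Test-InNewSubnet $ip)) {
        Write-Warning "Skipping invalid entry: $line"
        continue
    }

    # dnscmd <server> /RecordAdd <zone> <node> A <address>
    $dnsArgs = @($DnsServer, '/RecordAdd', $Zone, $name, 'A', $ip)
    if ($Apply) {
        & dnscmd.exe @dnsArgs
        if ($LASTEXITCODE -ne 0) { Write-Warning "dnscmd failed for $name (exit $LASTEXITCODE)" }
    } else {
        Write-Output ('dnscmd ' + ($dnsArgs -join ' '))
    }
}
```

With the sample data, the dry run prints commands for `laptop01` and `laptop02` and warns about the other two lines; set `$Apply = $true` only after reviewing that output.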
Thanks.
FYI: If you removed the Fortigate DHCP server from the WLAN and implemented Windows Server as your DHCP server for all zones via IP Helper, this would resolve automatically, because when you use Windows Server as your DHCP & DNS server they are tightly integrated, so when the user traverses to and from the LAN and WLAN, at each DHCP handout the DNS is automatically updated and registered.