Resolving DNS from remote subnets

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Scenario

Win2K Single Domain
Multiple Phisical sites connected via dedicated lines with Cisco Routers
2 DNS servers on main office's Subnet

Many people come to our remote offices with their laptops and they want to
be able to use the internet from the lobby. I created a separate subnet for
this individuals.

If I place a computer that belongs to the domain in that subnet everything
works fine.

If it is laptop from one of our clients no names are resolved to DNS thus no
internet access. However if they type the address on one or our web sites at
our corporate office where the DNS servers are then it takes them there.

Any thoughts
 
AJ said:
Scenario

Win2K Single Domain
Multiple Phisical sites connected via dedicated lines with Cisco Routers
2 DNS servers on main office's Subnet

Many people come to our remote offices with their laptops and they want to
be able to use the internet from the lobby. I created a separate subnet for
this individuals.

If I place a computer that belongs to the domain in that subnet everything
works fine.

If it is laptop from one of our clients no names are resolved to DNS thus no
internet access. However if they type the address on one or our web sites at
our corporate office where the DNS servers are then it takes them there.
Click to expand...

Then you DNS is not properly configured. How do they get their
settins in that location? DHCP?

All INTERNAL DNS servers for a Domain (or even a Forest) should
usually return ALL needed answers.

DNS works fine when routed.

You really should have DNS in each AD Site -- placing it on the DCs
themselves is generally correct and there is seldom a good reason for
having a "site" without a DC.
 
In
AJ said:
Scenario

Win2K Single Domain
Multiple Phisical sites connected via dedicated lines with Cisco
Routers 2 DNS servers on main office's Subnet

Many people come to our remote offices with their laptops and they
want to be able to use the internet from the lobby. I created a
separate subnet for this individuals.

If I place a computer that belongs to the domain in that subnet
everything works fine.

If it is laptop from one of our clients no names are resolved to DNS
thus no internet access. However if they type the address on one or
our web sites at our corporate office where the DNS servers are then
it takes them there.

Any thoughts
Click to expand...

IF names are not resolving, my first question is what DNS server address(es)
is(are) provided the clients on that subnet thru DHCP?

Does the router have a firewall rule not allowing any sort of traffic?

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Infinite Diversities in Infinite Combinations.
=================================
 
The router does not have any rules preventing it nor allowing it.
The other computers (members of the domain) receive DNS from the DHCP and so
the guest computers which show the DNS if I do an IP config. However when you
try to resolve a name to IP it errors off.

I just tested other subnets and as long as the PC is a member of the domain
there is not problem otherwise it is.

Thanks
 
AJ said:
The router does not have any rules preventing it nor allowing it.
The other computers (members of the domain) receive DNS from the DHCP and so
the guest computers which show the DNS if I do an IP config. However when you
try to resolve a name to IP it errors off.
Click to expand...

Post the addresses of your DNS servers along with the "IPConfig /all"
of a sample WORKING and a NON-WORKING machine.

Post the text and please don't retype it or use a graphic.
I just tested other subnets and as long as the PC is a member of the domain
there is not problem otherwise it is.
Click to expand...

Membership in the domain does NOT affect DNS resolution for that machine;
it might affect registration or resolution of the machine by OTHER machines.

On the other hand, failure of DNS will affect Domain access.

You might also post the Tracert from problem machine to prove you can
route (tracert to the IP address of the DNS server the IPconfig says they
will
use.)
 
In
AJ said:
The router does not have any rules preventing it nor allowing it.
The other computers (members of the domain) receive DNS from the DHCP
and so the guest computers which show the DNS if I do an IP config.
However when you try to resolve a name to IP it errors off.

I just tested other subnets and as long as the PC is a member of the
domain there is not problem otherwise it is.

Thanks
Click to expand...

In addition to Herb's suggestions, if you have a Cisco router or PIX
firewall, it may need to be updated to support EDNS0, which *may* or may not
be the problem, but I'm not sure unless I see the info Herb asked.

828263 - DNS query responses do not travel through a firewall in Windows
Server 2003:
http://support.microsoft.com/?id=828263

828731 - An External DNS Query May Cause an Error Message in Windows Server
2003:
http://support.microsoft.com/?id=828731

Ace
 
Back
Top