RRAS behind a firewall - Name Resolution

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I am designing a VPN infrastructure and have a question concerning name
resolution.

I have used Win2k RRAS behind a firewall before so I know it works. While
installing the RRAS service I got the message, "Hey! You need two network
cards to do this!" warning and ignored it. Everything worked fine for years
afterwards.

I would however notices some weird behavior from time to time. The server
hosting RRAS was the only server on the network so it was also the DC And
Exchange server. I noticed that sometimes when I was making connections to
the server I would see a connection to an unexpected IP address.

The server was named srv01 and the address was 192.168.1.20. Sometimes when
I would look at my connections (netstat, protocol analyzer) I would see
connections to a DHCP client address? It never caused anything to stop
working but was definitely odd! Turns out I was seeing the PPTP adapter RRAS
was using on the local area network. I guess RRAS was registering srv01 on
the network using both it's hard wired address and its PPTP adapter address.

Is there anyway to prevent this? Or does it even matter? I'm afraid that
the new network which I am designing will experience name resolution problems
since the network has lots of servers on it.

Any advice would be greatly appreciated!
 
1. You don't need to two NICs to setup RRAS if you already have a firewall or router.
2. It is not recommended to setup VPN on DC with DNS and exchange. If for some reasons, you must do so, you may configure register only one DNS and WINS (if you have WINS server on the DC). This troubleshooting may help,

Name resolution on VPNConnection issues on DC, ISA, DNS and WINS server as VPN server How to assign DNS and WINS on VPN client manually Name resolution Issue in a VPN client ...
http://www.chicagotech.net/nameresolutionpnvpn.htm


Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
I am designing a VPN infrastructure and have a question concerning name
resolution.

I have used Win2k RRAS behind a firewall before so I know it works. While
installing the RRAS service I got the message, "Hey! You need two network
cards to do this!" warning and ignored it. Everything worked fine for years
afterwards.

I would however notices some weird behavior from time to time. The server
hosting RRAS was the only server on the network so it was also the DC And
Exchange server. I noticed that sometimes when I was making connections to
the server I would see a connection to an unexpected IP address.

The server was named srv01 and the address was 192.168.1.20. Sometimes when
I would look at my connections (netstat, protocol analyzer) I would see
connections to a DHCP client address? It never caused anything to stop
working but was definitely odd! Turns out I was seeing the PPTP adapter RRAS
was using on the local area network. I guess RRAS was registering srv01 on
the network using both it's hard wired address and its PPTP adapter address.

Is there anyway to prevent this? Or does it even matter? I'm afraid that
the new network which I am designing will experience name resolution problems
since the network has lots of servers on it.

Any advice would be greatly appreciated!
 
Back
Top