Vpn CLients into DNS?

  • Thread starter Thread starter James W. Long
  • Start date Start date
J

James W. Long

Hi All:

If I run RRAS and have a VPN server set up,
then is it possible to get the vpn clients who connect
seen in DNS,
and do I need to run WINS to accomplish that?


Thank you
James W. Long
 
In
James W. Long said:
Hi All:

If I run RRAS and have a VPN server set up,
then is it possible to get the vpn clients who connect
seen in DNS,
and do I need to run WINS to accomplish that?
Click to expand...

To get VPN clients to register in DNS, a client that supports DDNS can do it
or DHCP can do it.
WINS will populate Network places, or you can configure DNS to do a WINS
lookup on the WINS tab of the zone properties.
 
Dear Kevin:

Good to hear from you again!
Thanks for the reply.
Not that I understand all of it,
so I'm going to ask more questions.

I know we wont be running ddns so thats out.

We want the vpn clients to show up in our internal dns.
and we want to get to thier drives and shares in network places

My dns server is ad integrated on win2k server here.

if I run dhcp then dhcp will allocate the vpn addresses
and tell dns what they are so that dns then knows.
is that correct?

On that subject, lets say I have an as400 running
dhcp on the same network instead.
Wouldnt I want to move dhcp to my DC
so it can talk to my ad integrated DNS?
or can my ad DNS make use of dhcp
running on an as400?


if I run WINS, then my vpn clients will see objects
in network places and I will also see the vpn clients
(and any shares they have) in network places
is that correct?

and lastly,
if I configure DNS to do a WINS lookup
on the Wins tab (in dns mmc),
OK I got lost, I need to do this anyway?

I'm asking because I need to get this all right.

Thanks for your patience,

James W. Long
 
In James W. Long <[email protected]> commented
Then Kevin replied below:

Hello again James, answers inline.
Dear Kevin:

Good to hear from you again!
Thanks for the reply.
Not that I understand all of it,
so I'm going to ask more questions.

I know we wont be running ddns so thats out.
Click to expand...

If your not going to be using DDNS, how is DHCP expected to update DNS?
We want the vpn clients to show up in our internal dns.
and we want to get to thier drives and shares in network
places
Click to expand...

As you know, DNS and Network places are two totally different functions. The
VPN clients will have to use WINS to populate Network places.
DNS registration is not required for clients, but if you want clients to
populate DNS you will have to allow dynamic registration. That said, the
domain forward lookup zone can be configured to query the WINS server for
hosts not found in DNS, so as long as this function works your clients do
not have to register in DNS as long as the clients have a WINS registration.
My dns server is ad integrated on win2k server here.

if I run dhcp then dhcp will allocate the vpn addresses
and tell dns what they are so that dns then knows.
is that correct?
Click to expand...

Yes, DHCP can register the clients in DNS, if the DHCP server supports this
option and the DNS servers to be registered in are configured in the active
network connections of the machine DHCP is running on.
On that subject, lets say I have an as400 running
dhcp on the same network instead.
Wouldnt I want to move dhcp to my DC
so it can talk to my ad integrated DNS?
or can my ad DNS make use of dhcp
running on an as400?
Click to expand...

Unfortunately, the AS400 is out of my scope of knowledge, so I don't know if
the AS400 DHCP can register in MS DNS. I can tell you that BIND DHCP cannot
register in a MS DNS server and vice-versa because the protocols of the two
softwares are different.
if I run WINS, then my vpn clients will see objects
in network places and I will also see the vpn clients
(and any shares they have) in network places
is that correct?
Click to expand...

Yes, that is how it is supposed to work.
and lastly,
if I configure DNS to do a WINS lookup
on the Wins tab (in dns mmc),
OK I got lost, I need to do this anyway?
Click to expand...

I would if you don't use DDNS for the VPN clients. This way the VPN clients
can be resolved in DNS without actually registering in DNS.
 
Kevin D. Goodknecht Sr. said:
In James W. Long <[email protected]> commented
Then Kevin replied below:

Hello again James, answers inline.


If your not going to be using DDNS, how is DHCP expected to update DNS?
Click to expand...

Our vpn clients will vpn to a fixed static ip.
Our DNS only runs on our inside lan.

we think that dhcp will allocate IP addresses to the
vpn clients intead of rras. rras has a check box
that will allow a dhcp server to allocate the addresses
rather than rras. we think dhcp will update dns
once it is doing the job rather than the
address pool scheme in rras.


As you know, DNS and Network places are two totally different functions.
Click to expand...

right. but we need them both.
The
VPN clients will have to use WINS to populate Network places.
DNS registration is not required for clients, but if you want clients to
populate DNS you will have to allow dynamic registration.
Click to expand...

ok. do I just check "register in dns" on the clients end to allow this
and is there more at the server I do?



That said, the
domain forward lookup zone can be configured to query the WINS server for
hosts not found in DNS, so as long as this function works your clients do
not have to register in DNS as long as the clients have a WINS
Click to expand...
registration.

I am unfamiliar with WINS.
almost with you here, until you said "as long as clients have a wins
registration"
what does that mean?

Yes, DHCP can register the clients in DNS, if the DHCP server supports this
option and the DNS servers to be registered in are configured in the active
network connections of the machine DHCP is running on.


Unfortunately, the AS400 is out of my scope of knowledge, so I don't know if
the AS400 DHCP can register in MS DNS. I can tell you that BIND DHCP cannot
register in a MS DNS server and vice-versa because the protocols of the two
softwares are different.
Click to expand...

ok thanks
 
In
I am unfamiliar with WINS.
almost with you here, until you said "as long as clients
have a wins registration"
what does that mean?
Click to expand...

Clients must register with WINS server just as they would for DNS. This
difference being that WINS will populate Network places and DNS can query
WINS.
 
Dear Kevin:

ok thats cool,
how do I do that? {make them register in WINS}
this answer goes to more than one problem in my case!

For instance we have several win98 systems here which do not show up
in DNS for some reason and we are running both DNS and WINS
yet I cant reference them by name..and dont know thier ip addresses
(which were handed out by dhcp), yet they show up in network places,
so would setting thier wins server address in thier control
panel->network->tcpip->properties...
as the address of our wins server solve this problem, and
is that what you mean by registering in wins? I checked the "look up in
wins"
checkbox in the forward zone wins tab.

Thanks,
James W. Long
 
In
James W. Long said:
Dear Kevin:

ok thats cool,
how do I do that? {make them register in WINS}
this answer goes to more than one problem in my case!

For instance we have several win98 systems here which do
not show up in DNS for some reason and we are running
both DNS and WINS
yet I cant reference them by name..and dont know thier ip
addresses (which were handed out by dhcp), yet they show
up in network places, so would setting thier wins server
address in thier control
panel->network->tcpip->properties...
as the address of our wins server solve this problem, and
is that what you mean by registering in wins? I checked
the "look up in wins"
checkbox in the forward zone wins tab.
Click to expand...

You can manually configure them to use a WINS server which will cause them
to register their addresses in WINS. You can also configure DHCP option 044
and 046 to assign the WINS server and Node type.

Having the Zone configured to search the WINS server works for hosts not
found in DNS works fine.
 
Dear Kevin:

Rock and Roll!

I am getting initial results in DNS already as
more clients reboot and get the new dhcp specs.

Thank you very much!

James W. Long
 
In
James W. Long said:
Dear Kevin:

Rock and Roll!

I am getting initial results in DNS already as
more clients reboot and get the new dhcp specs.

Thank you very much!
Click to expand...

Very good! Which method are you using?
 
I configured dhcp with the wins server and node type
but...although DNS does see more clients, it does not see them all
 
In
James W. Long said:
I configured dhcp with the wins server and node type
but...although DNS does see more clients, it does not
see them all
Click to expand...

Have you checked the WINS database to see if all had WINS registrations?
 
Back
Top