0

I have a RRAS server setup on a Windows 2003 machine with two NIC's. The VPN works like a charm, I can ping all the other computers on the network. But it fails when I try to access resources with hostnames.

I searches for a solution but the ones I found are about RRAS setup with a remote DHCP server. But in my case it's the RRAS server that hands out the ip addresses (option for redirection for WINS, DNS is ON and set to the LAN NIC).

I also heard something about FQDN.. but I don't really understand what that is.

Sven van Zoelen
  • 219
  • 1
  • 5
  • 12
  • I don't have the answer to you main question, but I can tell you that FQDN stands for "fully qualified domain name", i.e. a host name that ends in a TLD like x.y.com or z.local. – Bart B Sep 29 '11 at 15:40

2 Answers2

1

Does the server NIC that's bound to RRAS have DNS servers configured in the TCP/IP properties? If not then that's the problem. When using a static ip address pool for VPN clients the RRAS server assigns the same DNS servers to the clients that are configured in the TCP/IP properties of the server NIC that's bound to RRAS. You probably want to configure the RRAS server NIC to use your internal DNS servers, that way VPN clients will use them and be able to resolve internal DNS names.

joeqwerty
  • 109,901
  • 6
  • 81
  • 172
  • The LAN NIC has the DNS server configured, but the WAN NIC has a different DNS (ISP). Do I have to change that to the internal DNS on the LAN? – Sven van Zoelen Sep 29 '11 at 14:04
  • If you want the VPN clients to be able to resolve internal DNS names, then yes. From a VPN client that's connected can you see what DNS servers it has been assigned? They should be the same ones assigned to the WAN NIC on the server. – joeqwerty Sep 29 '11 at 14:07
  • An alternative approach would be to set up a DHCP server on the internal network (or on the RRAS server itself) and configure the RRAS server to use DHCP to assign ip addresses to VPN clients. Then you would configure your DHCP scope options with the internal DNS servers and DNS domain name. – joeqwerty Sep 29 '11 at 14:10
  • I have configured the WAN NIC to the internal DNS. But still no luck when i try to ping hostnames when conected with the VPN. When I look at the ipconfig details, then i see that the DNS is set correctly.. But the default gateway is 0.0.0.0 – Sven van Zoelen Sep 29 '11 at 14:23
  • Are you pinging the FQDN of the hosts? – joeqwerty Sep 29 '11 at 15:01
0

If you use static IP addresses for RRAS clients, it's basically a same approach as if you'd use static IP addresses for the computers in your LAN.
When the client has connected to your local network through VPN, the client behaves more or less the same as your other LAN clients. You should configure the VPN client Network Interface Card (NIC) DNS servers / WINS server just like you'd configure the computers on your LAN. If the VPN client will have the internal DNS server configured, then the VPN client will be able to resolve internal DNS names through this internal DNS. If the client will be configured with the external DNS, the DNS queries from VPN client will traverse through VPN, through your LAN network, through your LAN gateway to your ISP DNS server.
FQDN is a Fully Qualified Domain Name - i.e. microsoft.com. <-- note the dot at the end. I.e.: 'cat.animal.com.' is FQDN, 'cat.animal' is not a FQDN, nor is 'cat'. From what I've encountered so far, Windows Server 2003 configuration files sometimes skip the trailing dot in FQDN.

colemik
  • 759
  • 1
  • 12
  • 24