
Name resolution issues with VPN

Chris Warwick

Oct 13, 2008, 7:17:41 PM
Scenario: I have a domain using DFS with a domain-based root, so
clients access folder shares using \\domain.com\share-name.

Domain.com is also registered externally (internet).

When on my internal subnet my internal DNS servers resolve domain.com
and all is well. But when I fire up a VPN client and get a new set of
DNS servers I'm guessing they are picking up the external view of
domain.com. The external view points to a web hosting service.
Consequently I lose all access to DFS folders (including "My
Documents" etc) as long as the VPN connection is active.

Basically, I want to use the VPN supplied DNS servers for all name
resolution *except* for domain.com which should ALWAYS point to my
internal servers - even when the VPN connection is active.

I don't want to use host records because that would break DFS anyways.

Any ideas how I might fix this?

Apologies if this is the wrong group - if I should be somewhere else
please let me know. Happy to provide further configuration details as
required.

Thanks all
Chris

James Yeomans BSc, MCSE

Oct 14, 2008, 4:58:00 PM
Hi there, unfortunately you can't specify on a client different DNS servers
to use for different domains. You have to either make sure they use a DNS
server that contains a copy of the zone they need to resolve or make sure a
copy of that zone is on the DNS server they are using (I realise they are
both the same thing). Your best bet would be to create a record on your
external DNS servers for the internal resource you are trying to access. Bear
in mind an external record could point to an internal IP, say 192.168.x.x (or
any other private subnet that you may be using on your LAN); that way the
client will receive the IP and be able to access the resource. Hope that
helps. Good luck.
James.
--
James Yeomans, BSc, MCSE

Chris Warwick

Oct 15, 2008, 1:44:09 AM
On Tue, 14 Oct 2008 13:58:00 -0700, James Yeomans BSc, MCSE
<JamesYeom...@discussions.microsoft.com> wrote:

>Hi there, unfortunately you can't specify on a client different DNS servers
>to use for different domains. You have to either make sure they use a DNS
>server that contains a copy of the zone they need to resolve or make sure a
>copy of that zone is on the DNS server they are using (I realise they are
>both the same thing). Your best bet would be to create a record on your
>external DNS servers for the internal resource you are trying to access. Bear
>in mind an external record could point to an internal IP, say 192.168.x.x (or
>any other private subnet that you may be using on your LAN); that way the
>client will receive the IP and be able to access the resource. Hope that
>helps. Good luck.
>James.


Thanks James, unfortunately I have no control over the external DNS
and can't add records there. Looks like I'll have to rethink the
internal/external publishing of domain.com - likely I'll have to use
different names internally/externally

Cheers,
Chris

James Yeomans BSc, MCSE

Oct 15, 2008, 4:33:01 AM
Your other option is to edit the hosts file on each machine. Assuming you
don't have too many, you could do this manually, or you could create a script to
copy a new hosts file to each machine; that way all the machines will
implicitly know the IP they need and will not require DNS to resolve it. The
following article explains hosts files:
http://en.wikipedia.org/wiki/Hosts_file

--
James Yeomans, BSc, MCSE