Can Only Access PCs on VPN by IP Address
-
יום ראשון 10 יוני 2012 20:23
Hello,
I've configured a Windows Server 2008 R2 server to work as a VPN so that I might access my home network whilst I'm away from home. I've forwareded all the proper ports, and setup everything correctly. When I use my Windows 7 laptop to connecto to the VPN, I can access all the computers on my home network remotely, but only via their Internal IP addresses; nor am I able to use the Homegroup...
So I looked up what was wrong and it turns out I needed a DNS server. So, I installed Windows Server 2008 R2 on a separate physical server, and configured it. However, it's still not resovling the Internal IP addresses. Am I supposed to configure the VPN server (with RRAS) to work in concert with the DNS server or something? If so, how exactly do I do that?
ThanksComputer
כל התגובות
-
יום ראשון 10 יוני 2012 23:29
No, You do not need to change anything in RRAS. You do need to make sure that your VPN client is actually using the correct DNS server.
The VPN client will usually inherit the DNS server that the RRAS server is configured to use. If that is not the one you want to use, manually configure the DNS address in the properties of the VPN client.
Bill
- סומן כתשובה על-ידי Tiger LiModerator יום חמישי 14 יוני 2012 01:32
-
יום שני 11 יוני 2012 00:02Okay, but quick question, how do I configure my RRAS server to use my DNS server?
Computer
-
יום שלישי 12 יוני 2012 08:36מנחה דיון
Hi roxxas2,
Thanks for posting here.
Please take look the chapter "Name resolution" in the blog post below:
Remote Access Design Guidelines – Part 4: IP Routing and DNS
So it is depend on the DNS addresses that we assigned to the internal facing interface on RRAS host.
Thanks.
Tiger Li
Tiger Li
TechNet Community Support
- נערך על-ידי Tiger LiModerator יום שלישי 12 יוני 2012 08:36
- סומן כתשובה על-ידי Tiger LiModerator יום חמישי 14 יוני 2012 01:32
-
יום שלישי 12 יוני 2012 14:06
In addition to the suggestions provided, what names are you using trying to access internal resources? NetBIOS names, such as "computerName" or FQDN such as "computername.internaldomain.local?"
If NetBIOS, and I noticed you want to use the "HOMEGROUP," then that kind of hints towards NetBIOS name support, which is what the homegroup feature uses, similar to Network Neighborhood. I would suggest to use WINS to support this:
WINS - What Is It, How To Install It, WINS Replication Partner Design Guidelines, How to Configure DHCP Scopes For WINS Client Distribution, and more:
Published by acefekay on Oct 27, 2010 at 6:18 PM
http://msmvps.com/blogs/acefekay/archive/2010/10/27/wins-what-is-it-how-to-install-it-and-how-to-configure-dhcp-scopes-for-wins-client-distribution.aspx.
As far as using DNS and/or WINS with VPN clients, in your DHCP Scope in Windows DHCP, you must specify Option 006 as only the internal DNS server, and configure a DHCP Relay Agent, or make sure the VPN server itself is confgured in its own NIC the WINS server and ONLY configured the DNS server you installed and NOT the router or ISP's DNS address in the NIC.
YOu'll want all machines to use WINS, otherwise not all machines will be registered into the WINS database, resulting in inconsistent results.
More info on the relay agent and other VPN notes that you may find helpful:
================================
================================
RRAS (VPN) DHCP OptionsBy default, DHCP Options are NOT passed to a RRAS client (dialup or VPN). Instead, this information is taken directly from the RAS server's NIC settings, and may not be the DNS or WINS server addresses you want to give the VPN clients. If a RAS server has WINS or DNS entries, these entries are passed to the client.
If you want to test this theory, you can put a fake WINS address in the server's NIC's WINS settings, reboot the server, then connect a client, and see if it gets the fake WINS address from the server.
However, if you configure the RRAS server as a DHCP Relay agent, it will pass the DHCP options to the client.
Understanding DHCP IP Address Assignment for RAS Clients
http://support.microsoft.com/kb/160699/EN-USIP Address Assignment
http://technet.microsoft.com/en-us/library/dd469712(WS.10).aspxThread Discussion: DNS DHCP option 006 not being applied to VPN clients via RRAS
This is a good discusion with specifics about how an IP config is passed to a RRAS client and DHCP relay agents
http://www.petri.co.il/forums/showthread.php?t=35748Configuring the DHCP Relay Agent to Support VPN Client TCP/IP Addressing Options
http://www.isaserver.org/img/upl/vpnkitbeta2/dhcprelay.htm.
Ace Fekay
MVP, MCT, MCITP EA, MCTS Windows 2008/R2, Exchange 2007 & Exchange 2010, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.phpThis post is provided AS-IS with no warranties or guarantees and confers no rights.
- סומן כתשובה על-ידי Tiger LiModerator יום חמישי 14 יוני 2012 01:32
.png)
