locked
Weird DNS Errors After Adding VPN on Server RRS feed

  • Question

  • I seem to be getting some weird errors in the DNS log after I installed VPN on our server, it is Server 2003 SP2. The 180 address below seems to refer to the PPP RAS Server dial in adaptor which I think was created by the VPN when I installed it, which is strange as I have the VPN server setup on another ip address.

     

    The DNS server could not open socket for address 192.168.0.180.
    Verify that this is a valid IP address for the server computer.  If it is NOT valid use the Interfaces dialog under Server Properties in the DNS Manager to remove it from the list of IP interfaces.  Then stop and restart the DNS server. (If this was the only IP interface on this machine and the DNS server may not have started as a result of this error.  In that case remove the DNS\Parmeters\ ListenAddress value in the services section of the registry and restart.)
     
    If this is a valid IP address for this machine, make sure that no other application (e.g. another DNS server) is running that would attempt to use the DNS port.
     
    For more information, see "DNS server log reference" in the online Help.

    For more information, see Help and Support Center at

    ------------------------------------------------------------------

    AND ALSO GETTING :

    ------------------------------------------------------------------

     

    The DNS server could not bind a User Datagram Protocol (UDP) socket to 192.168.0.180. The event data is the error code. Restart the DNS server or reboot your computer.

    Wednesday, May 12, 2010 11:01 AM

Answers

  •    The VPN server must have an additional IP address for the internal RRAS interface. This is the server end of the VPN connection. It gets an IP address as soon as the first client connects.

      Have you set up RRAS on a DC or DNS server? This is a bad idea. It will cause you all sorts of problems with name resolution on both Netbios and DNS names (and browsing if you use it). See KB292822.

     


    Bill
    Wednesday, May 12, 2010 11:11 AM
  • On Wed, 12 May 2010 11:30:26 +0000, Crea2k wrote:
     
    >Hi, yes it is a DC / DNS Server, Is there no way of making RRAS and dns / ad play nicely together ?
     
    Actually there is, however a bit complicated. Please read my blog on
    this issue which explains what's going on, implications, and ways
    around it.
     
    Multihomed DCs with DNS, RRAS, multiple IPs, and/or PPPoE adapters
    http://msmvps.com/blogs/acefekay/archive/2009/08/17/multihomed-dcs-with-dns-rras-and-or-pppoe-adapters.aspx
     
    I hope you find it helpful.
     
    Ace
     

    Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003 Microsoft Certified Trainer Microsoft MVP - Directory Services This posting is provided AS-IS with no warranties or guarantees and confers no rights.
    Thursday, May 13, 2010 3:07 PM

All replies

  •    The VPN server must have an additional IP address for the internal RRAS interface. This is the server end of the VPN connection. It gets an IP address as soon as the first client connects.

      Have you set up RRAS on a DC or DNS server? This is a bad idea. It will cause you all sorts of problems with name resolution on both Netbios and DNS names (and browsing if you use it). See KB292822.

     


    Bill
    Wednesday, May 12, 2010 11:11 AM
  • Hi, yes it is a DC / DNS Server, Is there no way of making RRAS and dns / ad play nicely together ?
    Wednesday, May 12, 2010 11:30 AM
  • Hi Crea2k


    I think this called "Multihomed DC" , it's not really no recommended , you can read the explain from an old thread

    http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/a1583d7f-fa59-4497-89de-666d683e53a0

    but you can make them work if you modify the registry ,I found a solution from other forum ,hope that helpful

    http://forums.techarena.in/server-dns/509733.htm

    Thursday, May 13, 2010 10:26 AM
  • Ok thanks for that I will take a look :)
    Thursday, May 13, 2010 1:03 PM
  • By the way, I didnt mention this before, don't know if it matters or not, but I have the VPN running into a second NIC with its own ip address, so I have one NIC internal and the other external.
    Thursday, May 13, 2010 1:05 PM
  • On Wed, 12 May 2010 11:30:26 +0000, Crea2k wrote:
     
    >Hi, yes it is a DC / DNS Server, Is there no way of making RRAS and dns / ad play nicely together ?
     
    Actually there is, however a bit complicated. Please read my blog on
    this issue which explains what's going on, implications, and ways
    around it.
     
    Multihomed DCs with DNS, RRAS, multiple IPs, and/or PPPoE adapters
    http://msmvps.com/blogs/acefekay/archive/2009/08/17/multihomed-dcs-with-dns-rras-and-or-pppoe-adapters.aspx
     
    I hope you find it helpful.
     
    Ace
     

    Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003 Microsoft Certified Trainer Microsoft MVP - Directory Services This posting is provided AS-IS with no warranties or guarantees and confers no rights.
    Thursday, May 13, 2010 3:07 PM