| Home | Register | Members | Search | Windows Vista Tips | File Database | Links |
 |
| Thread Tools | Display Modes |
|
Ace Fekay [MCT]
Guest
Posts: n/a
|
> On 11 Dec, 17:51, "Frankster" <fr...@SPAM2TRASH.com> wrote:
>> ------------------------------------------------- >> PPP adapter To Vigor: >> >> * * * * Connection-specific DNS Suffix *. : [I would like to add >> "workzone" to this but can't seem to edit it.] >> >> * * * * Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface >> >> * * * * Physical Address. . . . . . . . . : 00-etc >> >> * * * * Dhcp Enabled. . . . . . . . . . . : No >> >> * * * * IP Address. . . . . . . . . . . . : 2.2.2.1 [work ip] >> >> * * * * Subnet Mask . . . . . . . . . . . : 255.255.255.255 >> >> * * * * Default Gateway . . . . . . . . . : 2.2.2.1 [strange - this is >> my ip not the work router!] >> >> * * * * DNS Servers . . . . . . . . . . . : 158.152.1.58 >> >> * * * * * * * * * * * * * * * * * * * * * * 158.152.1.43 >> >> Frank - Hope this helps. >> >> ------------------------------------------------ >> >> It appears that you have edited the actual IPs so it's hard to tell. >> >> However.... it's the CONNECTED VPN client I was interested in. *Apparently >> the above "PPP" interface. >> >> You have been assigned a PUBLIC IP for DNS. *This is why you cannot reach >> any of your internal machines by NetBios name. *Or by FQDN either, assuming >> they are in private address space. >> >> A DNS VPN server should normally be configured to pass out an INTERNAL DNS >> server for name resolution. *Normally is most cases. *But yours could be >> different. I can't tell if you've edited the IPCONFIG (i.e. 1.1.1.1, >> 2.2.2.2., etc.) >> >> I'm not an expert in this arena. *This is just one thing that I know is >> often misconfigured. *Perhaps someone else more knowledgeable can chime in. >> But an unedited IPCONFIG would probably be necessary. >> >> -Frank > > Your right - how did it get the external IPs for the DNS? I'm on to > the Vigor setup now.... > The edited IPs were only my IPs at the remote site they are both the > same (192.168.36.21). Not sure why this is down as the default gateway > either?! > > Thanks for the help Which DHCP server is being used at the VPN side? Check option 006 (the DNS address it provides) to insure that only 192.168.36.21 is the DNS server at the remote network. However, if the 192.168.36.0/24 subnet at the remote location is the same as your current location, then you will not be able to communicate to the remote location because they are the same. As for gateways, you can look at the VPN client settings to configure it to use the local default gateway for anything else other than remote VPN connectivity. How to do that depends on which VPN client is being used. Ace |
|
|
|
|
|||
|
|||
|
|
|
| |
|
Ace Fekay [MCT]
Guest
Posts: n/a
|
> On 11 Dec, 19:06, Ace Fekay [MCT] <ace...@mvps.RemoveThisPart.org>
> wrote: >>> On 11 Dec, 17:51, "Frankster" <fr...@SPAM2TRASH.com> wrote: >>>> ------------------------------------------------- >>>> PPP adapter To Vigor: >> >>>> * * * * Connection-specific DNS Suffix *. : [I would like to add >>>> "workzone" to this but can't seem to edit it.] >>>> * * * * Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface >>>> * * * * Physical Address. . . . . . . . . : 00-etc >>>> * * * * Dhcp Enabled. . . . . . . . . . . : No >>>> * * * * IP Address. . . . . . . . . . . . : 2.2.2.1 [work ip] >>>> * * * * Subnet Mask . . . . . . . . . . . : 255.255.255.255 >>>> * * * * Default Gateway . . . . . . . . . : 2.2.2.1 [strange - this is >>>> my ip not the work router!] >> >>>> * * * * DNS Servers . . . . . . . . . . . : 158.152.1.58 >>>> * * * * * * * * * * * * * * * * * * * * * * 158.152.1.43 >>>> Frank - Hope this helps. >> >>>> ------------------------------------------------ >>>> It appears that you have edited the actual IPs so it's hard to tell. >>>> However.... it's the CONNECTED VPN client I was interested in. *Apparently >>>> the above "PPP" interface. >> >>>> You have been assigned a PUBLIC IP for DNS. *This is why you cannot reach >>>> any of your internal machines by NetBios name. *Or by FQDN either, >>>> assuming they are in private address space. >> >>>> A DNS VPN server should normally be configured to pass out an INTERNAL DNS >>>> server for name resolution. *Normally is most cases. *But yours could be >>>> different. I can't tell if you've edited the IPCONFIG (i.e. 1.1.1.1, >>>> 2.2.2.2., etc.) >> >>>> I'm not an expert in this arena. *This is just one thing that I know is >>>> often misconfigured. *Perhaps someone else more knowledgeable can chime >>>> in. But an unedited IPCONFIG would probably be necessary. >>>> -Frank >> >>> Your right - how did it get the external IPs for the DNS? *I'm on to >>> the Vigor setup now.... >>> The edited IPs were only my IPs at the remote site they are both the >>> same (192.168.36.21). Not sure why this is down as the default gateway >>> either?! >> >>> Thanks for the help >> >> Which DHCP server is being used at the VPN side? Check option 006 (the >> DNS address it provides) to insure that only 192.168.36.21 is the DNS >> server at the remote network. >> >> However, if the 192.168.36.0/24 subnet at the remote location is the >> same as your current location, then you will not be able to communicate >> to the remote location because they are the same. >> >> As for gateways, you can look at the VPN client settings to configure >> it to use the local default gateway for anything else other than remote >> VPN connectivity. How to do that depends on which VPN client is being >> used. >> >> Ace > > Wow - so much stuff I don't understand!! I want the simplest setup > possible so if AD is Active Directories I have not got that running > (Windows Server 2003). My IPs: .100 is the Router with DHCP (Vigor > 2820) and .200 is the DNS and main server. Here is the full ipconfig > when connected from my client at home: > > Windows IP Configuration > > > > Host Name . . . . . . . . . . . . : Hermes > > Primary Dns Suffix . . . . . . . : > > Node Type . . . . . . . . . . . . : Broadcast > > IP Routing Enabled. . . . . . . . : No > > WINS Proxy Enabled. . . . . . . . : No > > DNS Suffix Search List. . . . . . : Chichester > > > > Ethernet adapter Local Area Connection: > > > > Media State . . . . . . . . . . . : Media disconnected > > Description . . . . . . . . . . . : Broadcom NetXtreme 57xx > Gigabit Controller > > Physical Address. . . . . . . . . : 00-1C-23-1A-A2-09 > > > > Ethernet adapter Wireless Network Connection: > > > > Connection-specific DNS Suffix . : gateway.2wire.net > > Description . . . . . . . . . . . : Dell Wireless 1505 Draft > 802.11n WLAN Mini-Card > > Physical Address. . . . . . . . . : 00-1D-D9-49-99-BF > > Dhcp Enabled. . . . . . . . . . . : Yes > > Autoconfiguration Enabled . . . . : Yes > > IP Address. . . . . . . . . . . . : 192.168.3.3 > > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > > Default Gateway . . . . . . . . . : 192.168.3.100 > > DHCP Server . . . . . . . . . . . : 192.168.3.100 > > DNS Servers . . . . . . . . . . . : 192.168.3.100 > > Lease Obtained. . . . . . . . . . : 11 December 2009 11:01:10 > > Lease Expires . . . . . . . . . . : 12 December 2009 11:01:10 > > > > PPP adapter To Vigor: > > > > Connection-specific DNS Suffix . : > > Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface > > Physical Address. . . . . . . . . : 00-53-45-00-00-00 > > Dhcp Enabled. . . . . . . . . . . : No > > IP Address. . . . . . . . . . . . : 192.168.36.21 > > Subnet Mask . . . . . . . . . . . : 255.255.255.255 > > Default Gateway . . . . . . . . . : 192.168.36.21 > > DNS Servers . . . . . . . . . . . : 158.152.1.58 > > 158.152.1.43 > > I have managed to work out that in the LAN setup of the router at work > I can force a manual DNS to my .200. I think it sets the externals > automatically from when it connects to the ISP as I can not find where > they are physically setup. > > Not sure about DHCP much either! What are rules 15 and 6? I have > simply set up the router to provide IPs from .21 to .40. > > My IPs are different at each site: home 192.168.3.x and work > 192.168.36.x > > Here is a dump of the .200 server at work which is the DNS. .100 are > the router IPs. > Windows IP Configuration > > > > Host Name . . . . . . . . . . . . : Pigotts01 > > Primary Dns Suffix . . . . . . . : > > Node Type . . . . . . . . . . . . : Hybrid > > IP Routing Enabled. . . . . . . . : No > > WINS Proxy Enabled. . . . . . . . : No > > DNS Suffix Search List. . . . . . : Chichester > > > > Ethernet adapter Local Area Connection: > > > > Connection-specific DNS Suffix . : Chichester > > Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network > Connection > > Physical Address. . . . . . . . . : 00-0C-F1-81-70-AA > > DHCP Enabled. . . . . . . . . . . : No > > IP Address. . . . . . . . . . . . : 192.168.36.200 > > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > > Default Gateway . . . . . . . . . : 192.168.36.100 > > DNS Servers . . . . . . . . . . . : 192.168.36.200 > > Primary WINS Server . . . . . . . : 192.168.36.200 > > While we are on the DNS config I am hugely mistified why the wizard > did not set up any reverse data and also whether when I config the NS > should it have .Chichester or just . (dot) after the name of the > server (pigotts01)? > > Sorry I'm such a novice and keeping us all in on a Friday night! Its > getting hard to check the config as the vpn freezes after a few > minutes. So much I don't know where to start.... Sorry, I don't mean to confuse you. There are so many things that need to be configured depending on what you have running, and expectations. If you do not have AD, that simplifies it somewhat. I notice that your router is the DNS server. That may be difficult to get working expecting to ping an internal machine by name. In this case, you would need some sort of server internally to handle DNS and possibly WINS, too, however otherwise if you only use your router to connect, whether you use the router's IP address for DNS or not, it still will not resolve internal names. Matter of fact, since the router is the VPN server, and for internal machines at that location uses the router for DNS, then the router is really acting as a 'proxying' resolver, meaning any requets it gets from an internal machine, is really sending it out to the ISP's DNS addresses configured in the router's WAN interface, hence why it is giving you the 158.x.x.x numbers when the VPN client is connected. There's not much you can do about that, unless of course, you install an internal DNS server. Then that means you have to configure internal suffixes, or not and use Option 015 with an internal zone for all internal machines. However this complicates it further, so i will not try to confuse you any further. So in light of all this, I would suggest to simply use internal IPs to connect to internal machines, for now. Ace |
|
|
|
|
|||
|
|
|||
|
Ace Fekay [MCT]
Guest
Posts: n/a
|
> On 11 Dec, 20:08, Ace Fekay [MCT] <ace...@mvps.RemoveThisPart.org>
> wrote: >>> On 11 Dec, 19:06, Ace Fekay [MCT] <ace...@mvps.RemoveThisPart.org> >>> wrote: >>>>> On 11 Dec, 17:51, "Frankster" <fr...@SPAM2TRASH.com> wrote: >>>>>> ------------------------------------------------- >>>>>> PPP adapter To Vigor: >> >>>>>> * * * * Connection-specific DNS Suffix *. : [I would like to add >>>>>> "workzone" to this but can't seem to edit it.] >>>>>> * * * * Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface >>>>>> * * * * Physical Address. . . . . . . . . : 00-etc >>>>>> * * * * Dhcp Enabled. . . . . . . . . . . : No >>>>>> * * * * IP Address. . . . . . . . . . . . : 2.2.2.1 [work ip] >>>>>> * * * * Subnet Mask . . . . . . . . . . . : 255.255.255.255 >>>>>> * * * * Default Gateway . . . . . . . . . : 2.2.2.1 [strange - this is >>>>>> my ip not the work router!] >> >>>>>> * * * * DNS Servers . . . . . . . . . . . : 158.152.1.58 >>>>>> * * * * * * * * * * * * * * * * * * * * * * 158.152.1.43 >>>>>> Frank - Hope this helps. >> >>>>>> ------------------------------------------------ >>>>>> It appears that you have edited the actual IPs so it's hard to tell. >>>>>> However.... it's the CONNECTED VPN client I was interested in. >>>>>> *Apparently the above "PPP" interface. >> >>>>>> You have been assigned a PUBLIC IP for DNS. *This is why you cannot >>>>>> reach any of your internal machines by NetBios name. *Or by FQDN either, >>>>>> assuming they are in private address space. >>>>>> A DNS VPN server should normally be configured to pass out an INTERNAL >>>>>> DNS server for name resolution. *Normally is most cases. *But yours >>>>>> could be different. I can't tell if you've edited the IPCONFIG (i.e. >>>>>> 1.1.1.1, 2.2.2.2., etc.) >> >>>>>> I'm not an expert in this arena. *This is just one thing that I know is >>>>>> often misconfigured. *Perhaps someone else more knowledgeable can chime >>>>>> in. But an unedited IPCONFIG would probably be necessary. >>>>>> -Frank >> >>>>> Your right - how did it get the external IPs for the DNS? *I'm on to >>>>> the Vigor setup now.... >>>>> The edited IPs were only my IPs at the remote site they are both the >>>>> same (192.168.36.21). Not sure why this is down as the default gateway >>>>> either?! >> >>>>> Thanks for the help >> >>>> Which DHCP server is being used at the VPN side? Check option 006 (the >>>> DNS address it provides) to insure that only 192.168.36.21 is the DNS >>>> server at the remote network. >> >>>> However, if the 192.168.36.0/24 subnet at the remote location is the >>>> same as your current location, then you will not be able to communicate >>>> to the remote location because they are the same. >>>> As for gateways, you can look at the VPN client settings to configure >>>> it to use the local default gateway for anything else other than remote >>>> VPN connectivity. How to do that depends on which VPN client is being >>>> used. >> >>>> Ace >> >>> Wow - so much stuff I don't understand!! *I want the simplest setup >>> possible so if AD is Active Directories I have not got that running >>> (Windows Server 2003). *My IPs: .100 is the Router with DHCP (Vigor >>> 2820) and .200 is the DNS and main server. *Here is the full ipconfig >>> when connected from my client at home: >>> Windows IP Configuration >> >>> * * * * Host Name . . . . . . . . . . . . : Hermes >>> * * * * Primary Dns Suffix *. . . . . . . : >>> * * * * Node Type . . . . . . . . . . . . : Broadcast >>> * * * * IP Routing Enabled. . . . . . . . : No >>> * * * * WINS Proxy Enabled. . . . . . . . : No >>> * * * * DNS Suffix Search List. . . . . . : Chichester >>> Ethernet adapter Local Area Connection: >>> * * * * Media State . . . . . . . . . . . : Media disconnected >>> * * * * Description . . . . . . . . . . . : Broadcom NetXtreme 57xx >>> Gigabit Controller >> >>> * * * * Physical Address. . . . . . . . . : 00-1C-23-1A-A2-09 >>> Ethernet adapter Wireless Network Connection: >>> * * * * Connection-specific DNS Suffix *. : gateway.2wire.net >>> * * * * Description . . . . . . . . . . . : Dell Wireless 1505 Draft >>> 802.11n WLAN Mini-Card >> >>> * * * * Physical Address. . . . . . . . . : 00-1D-D9-49-99-BF >>> * * * * Dhcp Enabled. . . . . . . . . . . : Yes >>> * * * * Autoconfiguration Enabled . . . . : Yes >>> * * * * IP Address. . . . . . . . . . . . : 192.168.3.3 >>> * * * * Subnet Mask . . . . . . . . . . . : 255.255.255.0 >>> * * * * Default Gateway . . . . . . . . . : 192.168.3.100 >>> * * * * DHCP Server . . . . . . . . . . . : 192.168.3.100 >>> * * * * DNS Servers . . . . . . . . . . . : 192.168.3.100 >>> * * * * Lease Obtained. . . . . . . . . . : 11 December 2009 11:01:10 >>> * * * * Lease Expires . . . . . . . . . . : 12 December 2009 11:01:10 >>> PPP adapter To Vigor: >> >>> * * * * Connection-specific DNS Suffix *. : >>> * * * * Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface >>> * * * * Physical Address. . . . . . . . . : 00-53-45-00-00-00 >>> * * * * Dhcp Enabled. . . . . . . . . . . : No >>> * * * * IP Address. . . . . . . . . . . . : 192.168.36.21 >>> * * * * Subnet Mask . . . . . . . . . . . : 255.255.255.255 >>> * * * * Default Gateway . . . . . . . . . : 192.168.36.21 >>> * * * * DNS Servers . . . . . . . . . . . : 158.152.1.58 >>> * * * * * * * * * * * * * * * * * * * * * * 158.152.1.43 >>> I have managed to work out that in the LAN setup of the router at work >>> I can force a manual DNS to my .200. *I think it sets the externals >>> automatically from when it connects to the ISP as I can not find where >>> they are physically setup. >> >>> Not sure about DHCP much either! *What are rules 15 and 6? *I have >>> simply set up the router to provide IPs from .21 to .40. >>> My IPs are different at each site: home 192.168.3.x and work >>> 192.168.36.x >> >>> Here is a dump of the .200 server at work which is the DNS. *.100 are >>> the router IPs. >>> Windows IP Configuration >> >>> * *Host Name . . . . . . . . . . . . : Pigotts01 >>> * *Primary Dns Suffix *. . . . . . . : >>> * *Node Type . . . . . . . . . . . . : Hybrid >>> * *IP Routing Enabled. . . . . . . . : No >>> * *WINS Proxy Enabled. . . . . . . . : No >>> * *DNS Suffix Search List. . . . . . : Chichester >>> Ethernet adapter Local Area Connection: >>> * *Connection-specific DNS Suffix *. : Chichester >>> * *Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network >>> Connection >> >>> * *Physical Address. . . . . . . . . : 00-0C-F1-81-70-AA >>> * *DHCP Enabled. . . . . . . . . . . : No >>> * *IP Address. . . . . . . . . . . . : 192.168.36.200 >>> * *Subnet Mask . . . . . . . . . . . : 255.255.255.0 >>> * *Default Gateway . . . . . . . . . : 192.168.36.100 >>> * *DNS Servers . . . . . . . . . . . : 192.168.36.200 >>> * *Primary WINS Server . . . . . . . : 192.168.36.200 >>> While we are on the DNS config I am hugely mistified why the wizard >>> did not set up any reverse data and also whether when I config the NS >>> should it have .Chichester or just . (dot) after the name of the >>> server (pigotts01)? >> >>> Sorry I'm such a novice and keeping us all in on a Friday night! *Its >>> getting hard to check the config as the vpn freezes after a few >>> minutes. *So much I don't know where to start.... >> >> Sorry, I don't mean to confuse you. There are so many things that need >> to be configured depending on what you have running, and expectations. >> If you do not have AD, that simplifies it somewhat. I notice that your >> router is the DNS server. That may be difficult to get working >> expecting to ping an internal machine by name. In this case, you would >> need some sort of server internally to handle DNS and possibly WINS, >> too, however otherwise if you only use your router to connect, whether >> you use the router's IP address for DNS or not, it still will not >> resolve internal names. >> >> Matter of fact, since the router is the VPN server, and for internal >> machines at that location uses the router for DNS, then the router is >> really acting as a 'proxying' resolver, meaning any requets it gets >> from an internal machine, is really sending it out to the ISP's DNS >> addresses configured in the router's WAN interface, hence why it is >> giving you the 158.x.x.x numbers when the VPN client is connected. >> There's not much you can do about that, unless of course, you install >> an internal DNS server. Then that means you have to configure internal >> suffixes, or not and use Option 015 with an internal zone for all >> internal machines. However this complicates it further, so i will not >> try to confuse you any further. >> >> So in light of all this, I would suggest to simply use internal IPs to >> connect to internal machines, for now. >> >> Ace > > Ace, thanks. The router is not the DNS server. The DNS is on .200 > and the router is .100 unless I have config'd it wrong somewhere along > the road. I have setup the DNS to forward and reverse, I think. The > problem appears to be the Vigor box. I have forced it to have the . > 200 as the DNS now instead of the 158 etc IPs. But given the firmware > needs updating I due to a bug of DNS nature I must do that first. > I'll let you know how I get on. The issue is around this box and the > way I can config the connection using its software. Many thanks and > have a good weekend! Well, I'm sorry, I'm now a bit confused. Which machine is the VPN server? The Vigor device (the router), or is it Pigotts01? I had to look back at your ipconfigs. Hermes shows 192.168.36.100 as the DHCP server, DNS and gateway. So that's the router. However, the VPN connection (PPP connection), shows the two 158.x.x.x ISP's DNS addresses. And Pigotts01 does show itself as DNS. However, the suffixes you've configured are single label names. DNS cannot use such a name as a suffix. DNS is hierarchal and needs a minimal of two levels, a TLD (top level domain name) and a first level domain name, such as "example.com." "Example" is the first level name, and "com" is the TLD. Some folks call "example" the second level name, and "com" as the first level name. Either way, it requires a minimal of two levels, otherwise DNS will try to resolve the name as a TLD, (such as com, edu, net, etc). What happens is say you ping the name "lester." The client machine will suffix the search suffix to the name when attempting to resolve it. Therefore the name it will try to resolve is "lester.chichester." DNS will now think that "chichester" is a TLD, such as com, edu, etc. Since it doesn't host any TLD, and whether the zone existed or not as a single level, DNS will send the query to the Root hints. This sends unecessary traffic to the internet Root servers each time you construct a query (whether you ping, etc). The way to fix it is to remove the "chichester" suffix. Otherwise, if it is supposed to be chichester.com, or similar, then that needs to be configured. But then again, if your DNS server does not host a zone called chichester.com (or similar), or any zone for that matter, then there is no need for a suffix. Ok, let's get back to square one. This is "Pigotts01" ======================== Host Name . . . . . . . . . . . . : Pigotts01 Primary Dns Suffix *. . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : Chichester Ethernet adapter Local Area Connection: Connection-specific DNS Suffix *. : Chichester Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection Physical Address. . . . . . . . . : 00-0C-F1-81-70-AA DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.36.200 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.36.100 DNS Servers . . . . . . . . . . . : 192.168.36.200 Primary WINS Server . . . . . . . : 192.168.36.200 And this is Hermes: =============================== Host Name . . . . . . . . . . . . : Hermes Primary Dns Suffix *. . . . . . . : Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : Chichester Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller Physical Address. . . . . . . . . : 00-1C-23-1A-A2-09 Ethernet adapter Wireless Network Connection: Connection-specific DNS Suffix *. : gateway.2wire.net Description . . . . . . . . . . . : Dell Wireless 1505 Draft 802.11n WLAN Mini-Card Physical Address. . . . . . . . . : 00-1D-D9-49-99-BF Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.3.3 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.3.100 DHCP Server . . . . . . . . . . . : 192.168.3.100 DNS Servers . . . . . . . . . . . : 192.168.3.100 Lease Obtained. . . . . . . . . . : 11 December 2009 11:01:10 Lease Expires . . . . . . . . . . : 12 December 2009 11:01:10 PPP adapter To Vigor: Connection-specific DNS Suffix *. : Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface Physical Address. . . . . . . . . : 00-53-45-00-00-00 Dhcp Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.36.21 Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : 192.168.36.21 DNS Servers . . . . . . . . . . . : 158.152.1.58 * * * * * * * * * * * * * * * * * * 158.152.1.43 Hermes appears to be the VPN client connecting to a VPN server caled Pigotts01. Correct? If so, then the VPN client, Hermes, is supposeldy getting it's IP configuration when it connects using VPN from Pigotts01. Is Pigotts01 a DHCP server? If Pigotts01 is a DNS server, what zones exist on it? Also, why is there a single label name suffix called "chichester?" Sorry if I confused you, but in regards to the suffix, I am trying to point out how the client resolver service works in relation to it's configured DNS servers, as well as understand what machine is the VPN server, among other things. Ace |
|
|
|
|
|||
|
|
|||
|
Ace Fekay [MCT]
Guest
Posts: n/a
|
> On 12 Dec, 06:28, Ace Fekay [MCT] <ace...@mvps.RemoveThisPart.org>
> wrote: >>> On 11 Dec, 20:08, Ace Fekay [MCT] <ace...@mvps.RemoveThisPart.org> >>> wrote: >>>>> On 11 Dec, 19:06, Ace Fekay [MCT] <ace...@mvps.RemoveThisPart.org> >>>>> wrote: >>>>>>> On 11 Dec, 17:51, "Frankster" <fr...@SPAM2TRASH.com> wrote: >>>>>>>> ------------------------------------------------- >>>>>>>> PPP adapter To Vigor: >> >>>>>>>> * * * * Connection-specific DNS Suffix *. : [I would like to add >>>>>>>> "workzone" to this but can't seem to edit it.] >>>>>>>> * * * * Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface >>>>>>>> * * * * Physical Address. . . . . . . . . : 00-etc >>>>>>>> * * * * Dhcp Enabled. . . . . . . . . . . : No >>>>>>>> * * * * IP Address. . . . . . . . . . . . : 2.2.2.1 [work ip] >>>>>>>> * * * * Subnet Mask . . . . . . . . . . . : 255.255.255.255 >>>>>>>> * * * * Default Gateway . . . . . . . . . : 2.2.2.1 [strange - this is >>>>>>>> my ip not the work router!] >> >>>>>>>> * * * * DNS Servers . . . . . . . . . . . : 158.152.1.58 >>>>>>>> * * * * * * * * * * * * * * * * * * * * * * 158.152.1.43 >>>>>>>> Frank - Hope this helps. >> >>>>>>>> ------------------------------------------------ >>>>>>>> It appears that you have edited the actual IPs so it's hard to tell. >>>>>>>> However.... it's the CONNECTED VPN client I was interested in. >>>>>>>> *Apparently the above "PPP" interface. >>>>>>>> You have been assigned a PUBLIC IP for DNS. *This is why you cannot >>>>>>>> reach any of your internal machines by NetBios name. *Or by FQDN >>>>>>>> either, assuming they are in private address space. >>>>>>>> A DNS VPN server should normally be configured to pass out an INTERNAL >>>>>>>> DNS server for name resolution. *Normally is most cases. *But yours >>>>>>>> could be different. I can't tell if you've edited the IPCONFIG (i.e. >>>>>>>> 1.1.1.1, 2.2.2.2., etc.) >> >>>>>>>> I'm not an expert in this arena. *This is just one thing that I know >>>>>>>> is often misconfigured. *Perhaps someone else more knowledgeable can >>>>>>>> chime in. But an unedited IPCONFIG would probably be necessary. >>>>>>>> -Frank >> >>>>>>> Your right - how did it get the external IPs for the DNS? *I'm on to >>>>>>> the Vigor setup now.... >>>>>>> The edited IPs were only my IPs at the remote site they are both the >>>>>>> same (192.168.36.21). Not sure why this is down as the default gateway >>>>>>> either?! >> >>>>>>> Thanks for the help >> >>>>>> Which DHCP server is being used at the VPN side? Check option 006 (the >>>>>> DNS address it provides) to insure that only 192.168.36.21 is the DNS >>>>>> server at the remote network. >> >>>>>> However, if the 192.168.36.0/24 subnet at the remote location is the >>>>>> same as your current location, then you will not be able to communicate >>>>>> to the remote location because they are the same. >>>>>> As for gateways, you can look at the VPN client settings to configure >>>>>> it to use the local default gateway for anything else other than remote >>>>>> VPN connectivity. How to do that depends on which VPN client is being >>>>>> used. >> >>>>>> Ace >> >>>>> Wow - so much stuff I don't understand!! *I want the simplest setup >>>>> possible so if AD is Active Directories I have not got that running >>>>> (Windows Server 2003). *My IPs: .100 is the Router with DHCP (Vigor >>>>> 2820) and .200 is the DNS and main server. *Here is the full ipconfig >>>>> when connected from my client at home: >>>>> Windows IP Configuration >> >>>>> * * * * Host Name . . . . . . . . . . . . : Hermes >>>>> * * * * Primary Dns Suffix *. . . . . . . : >>>>> * * * * Node Type . . . . . . . . . . . . : Broadcast >>>>> * * * * IP Routing Enabled. . . . . . . . : No >>>>> * * * * WINS Proxy Enabled. . . . . . . . : No >>>>> * * * * DNS Suffix Search List. . . . . . : Chichester >>>>> Ethernet adapter Local Area Connection: >>>>> * * * * Media State . . . . . . . . . . . : Media disconnected >>>>> * * * * Description . . . . . . . . . . . : Broadcom NetXtreme 57xx >>>>> Gigabit Controller >> >>>>> * * * * Physical Address. . . . . . . . . : 00-1C-23-1A-A2-09 >>>>> Ethernet adapter Wireless Network Connection: >>>>> * * * * Connection-specific DNS Suffix *. : gateway.2wire.net >>>>> * * * * Description . . . . . . . . . . . : Dell Wireless 1505 Draft >>>>> 802.11n WLAN Mini-Card >> >>>>> * * * * Physical Address. . . . . . . . . : 00-1D-D9-49-99-BF >>>>> * * * * Dhcp Enabled. . . . . . . . . . . : Yes >>>>> * * * * Autoconfiguration Enabled . . . . : Yes >>>>> * * * * IP Address. . . . . . . . . . . . : 192.168.3.3 >>>>> * * * * Subnet Mask . . . . . . . . . . . : 255.255.255.0 >>>>> * * * * Default Gateway . . . . . . . . . : 192.168.3.100 >>>>> * * * * DHCP Server . . . . . . . . . . . : 192.168.3.100 >>>>> * * * * DNS Servers . . . . . . . . . . . : 192.168.3.100 >>>>> * * * * Lease Obtained. . . . . . . . . . : 11 December 2009 11:01:10 >>>>> * * * * Lease Expires . . . . . . . . . . : 12 December 2009 11:01:10 >>>>> PPP adapter To Vigor: >> >>>>> * * * * Connection-specific DNS Suffix *. : >>>>> * * * * Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface >>>>> * * * * Physical Address. . . . . . . . . : 00-53-45-00-00-00 >>>>> * * * * Dhcp Enabled. . . . . . . . . . . : No >>>>> * * * * IP Address. . . . . . . . . . . . : 192.168.36.21 >>>>> * * * * Subnet Mask . . . . . . . . . . . : 255.255.255.255 >>>>> * * * * Default Gateway . . . . . . . . . : 192.168.36.21 >>>>> * * * * DNS Servers . . . . . . . . . . . : 158.152.1.58 >>>>> * * * * * * * * * * * * * * * * * * * * * * 158.152.1.43 >>>>> I have managed to work out that in the LAN setup of the router at work >>>>> I can force a manual DNS to my .200. *I think it sets the externals >>>>> automatically from when it connects to the ISP as I can not find where >>>>> they are physically setup. >> >>>>> Not sure about DHCP much either! *What are rules 15 and 6? *I have >>>>> simply set up the router to provide IPs from .21 to .40. >>>>> My IPs are different at each site: home 192.168.3.x and work >>>>> 192.168.36.x >> >>>>> Here is a dump of the .200 server at work which is the DNS. *.100 are >>>>> the router IPs. >>>>> Windows IP Configuration >> >>>>> * *Host Name . . . . . . . . . . . . : Pigotts01 >>>>> * *Primary Dns Suffix *. . . . . . . : >>>>> * *Node Type . . . . . . . . . . . . : Hybrid >>>>> * *IP Routing Enabled. . . . . . . . : No >>>>> * *WINS Proxy Enabled. . . . . . . . : No >>>>> * *DNS Suffix Search List. . . . . . : Chichester >>>>> Ethernet adapter Local Area Connection: >>>>> * *Connection-specific DNS Suffix *. : Chichester >>>>> * *Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network >>>>> Connection >> >>>>> * *Physical Address. . . . . . . . . : 00-0C-F1-81-70-AA >>>>> * *DHCP Enabled. . . . . . . . . . . : No >>>>> * *IP Address. . . . . . . . . . . . : 192.168.36.200 >>>>> * *Subnet Mask . . . . . . . . . . . : 255.255.255.0 >>>>> * *Default Gateway . . . . . . . . . : 192.168.36.100 >>>>> * *DNS Servers . . . . . . . . . . . : 192.168.36.200 >>>>> * *Primary WINS Server . . . . . . . : 192.168.36.200 >>>>> While we are on the DNS config I am hugely mistified why the wizard >>>>> did not set up any reverse data and also whether when I config the NS >>>>> should it have .Chichester or just . (dot) after the name of the >>>>> server (pigotts01)? >> >>>>> Sorry I'm such a novice and keeping us all in on a Friday night! *Its >>>>> getting hard to check the config as the vpn freezes after a few >>>>> minutes. *So much I don't know where to start.... >>>> Sorry, I don't mean to confuse you. There are so many things that need >>>> to be configured depending on what you have running, and expectations. >>>> If you do not have AD, that simplifies it somewhat. I notice that your >>>> router is the DNS server. That may be difficult to get working >>>> expecting to ping an internal machine by name. In this case, you would >>>> need some sort of server internally to handle DNS and possibly WINS, >>>> too, however otherwise if you only use your router to connect, whether >>>> you use the router's IP address for DNS or not, it still will not >>>> resolve internal names. >> >>>> Matter of fact, since the router is the VPN server, and for internal >>>> machines at that location uses the router for DNS, then the router is >>>> really acting as a 'proxying' resolver, meaning any requets it gets >>>> from an internal machine, is really sending it out to the ISP's DNS >>>> addresses configured in the router's WAN interface, hence why it is >>>> giving you the 158.x.x.x numbers when the VPN client is connected. >>>> There's not much you can do about that, unless of course, you install >>>> an internal DNS server. Then that means you have to configure internal >>>> suffixes, or not and use Option 015 with an internal zone for all >>>> internal machines. However this complicates it further, so i will not >>>> try to confuse you any further. >> >>>> So in light of all this, I would suggest to simply use internal IPs to >>>> connect to internal machines, for now. >>>> Ace >> >>> Ace, thanks. *The router is not the DNS server. *The DNS is on .200 >>> and the router is .100 unless I have config'd it wrong somewhere along >>> the road. *I have setup the DNS to forward and reverse, I think. *The >>> problem appears to be the Vigor box. *I have forced it to have the . >>> 200 as the DNS now instead of the 158 etc IPs. *But given the firmware >>> needs updating I due to a bug of DNS nature I must do that first. >>> I'll let you know how I get on. *The issue is around this box and the >>> way I can config the connection using its software. *Many thanks and >>> have a good weekend! >> >> Well, I'm sorry, I'm now a bit confused. Which machine is the VPN >> server? The Vigor device (the router), or is it Pigotts01? >> >> I had to look back at your ipconfigs. Hermes shows 192.168.36.100 as >> the DHCP server, DNS and gateway. So that's the router. However, the >> VPN connection (PPP connection), shows the two 158.x.x.x ISP's DNS >> addresses. >> >> And Pigotts01 does show itself as DNS. ... >> >> read more » > > Ace, thanks for sticking with me! The confusion is that the xxx.xxx. > 3.xxx is my home setup and xxx.xxx.36.xxx is at work. So when my > laptop is connected to work the DNS should be .200 and the router is . > 100. At home the BT setup likes to pretend the 192.168.3.100 (home > router) is the DNS when really it only then fires it out to the > internet. At home I do not have any clever stuff like DNS or WINS, and > the router is the DHCP. If you bear in mind the 3 and the 36 config I > think the right parts are pointing to the right machines. However on > the PPP adaptor to Vigor (vpn) I can hard code it to point to the > internal 192.168.36.200 DNS. > > At work the vpn server and DHCP is the router which is 192.168.36.100 > and the Pigotts01 is the DNS, WINS. I hope this is now clear? > > I am about to attempt to upgrade the firmware over the vpn (but using > a local machine to feed the file). Fingers crossed! I see. As long as you are using the router as a DNS address on either side, it will ALWAYS resolve to the internet names and addresses. This is because as I previously stated, that a router is not really a DNS server, and it merely "proxies" or forwards out the request to the internet DNS servers that is configured on the router's WAN interface. So you will not get internal name resolution. For it to work on both sides to connect to an internal machine by FQDN name, you MUST use an internal DNS server, NOT the router. If you have WINS, it should resolve to the internan NetBIOS single name. For it to resolve to the internal FQDN of a machine (such as machinename.something.local), then a search suffix matching the zone of the internal namespace must be set. I don't know what the chichester single name thing is, but as I previously explained, that suffixe will NOT work with DNS, therefore the entry is ignored. In DHCP, you can set Option 015 to the internal zone so it populates the client's connected interface to use that as the Search Suffix, but it has to be a proper FQDN and not a single label name. I hope that makes sense. Ace |
|
|
|
|
|||
|
|
|||
|
Ace Fekay [MCT]
Guest
Posts: n/a
|
> > OK, the update went well and things are definately better. Speed has > gone from 500 Bps (TX) to over 11,000! and pings are working on names > too. But although the DNS seems to work I do not understand yet if I > have done things correctly. > > I HAVE set the router at work to point internally to my DNS server for > the primary as the internal DNS points to the external ISP servers. I > think this is what you are stating MUST happen. The internal DNS should also point to *itself.* You will also want to configure a Forwarder. Right-click the DNS server name, properties, Forwarders tab, and type in the ISP's DNS in there, not the router. > I only have one DNS > so the "default" 2nd internet one appears in the ipconfig for the > secondary server. The only way I can get rid of this is to add my > primary DNS in both slots. Or... would it make more sense to have the > 2nd router DNS slot pointing to the primary internet DNS? If you only have one internal server, only point to itself and leave the other one blank. > As my > server should always be up I can't see that the secondary server will > ever be used. Because the ISP sets the DNS settings automatically on > connection there is a manual override. If you can use the manual override, that is good, so you can set it to use the internal DNS server only. > > Setting option 015 is beyond the web-based GUI for my router. I will > have to enquire with Draytek re this one. Option 015 (one of over 50 configurable options) is not quite a standard option, rather is is well used option within many infrastructures. It sets the Search Suffix for the connection that is getting a DHCP provided IP configuration. > Once set are you saying > that the zone will be sent as part of the IP config to the PC by the > DHCP so that that PC will get its DNS requests setup correctly? Yes, that is correct. > If so > is another way to make sure the TCP/IP config is manually configured > under the DNS tab? Again, if so please could you take me through each > option? I know this must seem really basic but it seems that really > obvious stuff is so obvious no one every lists it on the web! You can set it manually in the bottom portion of the DNS tab by clicking "Append these DNS suffixes, and enter them in the box. Remember, "CHICHESTER" is NOT a valid suffix, as I previously explained, nor is it a valid DNS zone. > > My DNS now. The zone is called "Chichester". Your comments about a > single lable name make me ask is my naming of the zone correct? and > when you say that it must be a proper FQDN do you mean the name of the > DNS server, i.e. pigotts01.chichester? No, it must be in teh form of: chichester.com chichester.local chichester.net chichester.lester chichester.whatever etc Notice how the zone name is hierarchal? A zone name is also the domain name. There is no such thing as a single label DNS domain name. Matter of fact, as I previously stated a couple of times, DNS does NOT know how to handle a single label name and will cause *excessive* DNS query traffic to the Internet Root Servers. Therefore, with any of the zones you choose above (whatever it may be), your machine called "pigotts01" will have an FQDN (Fully Qualified Domain Name) of: pigotts01.chichester.whatever Keep in mind, choose a zone name that is not a public zone name such as your own public zone, or additional administrative overhead will be required to allow you to get to your own public website. Choose something generic and private, such as: chichester.local > > On looking at the Forward Lookup screen I note that in the Data column > for SOA and NS the server is just listed as "pigotts01." should this > have the zone at the end as well? Same holds for the Reserve part. As I said, DNS does NOT know how to handle a single label name. It cannot register it into DNS, which is why the single name in the NS and SOA. If the server is set to use the router, it will never get to register into it's own DNS server either because if it is set to use the router, you are telling your own server to send the registration request to the ISP's DNS, and it won't know what it's talking about. > > MY NEW IPCONFIG WITH COMMENTS/QUESTIONS IN [CAPS]: > Windows IP Configuration > Host Name . . . . . . . . . . . . : Hermes > Primary Dns Suffix . . . . . . . : [SHOULD THIS BE SET? IF > SO HOW PLEASE?] > Node Type . . . . . . . . . . . . : Broadcast > IP Routing Enabled. . . . . . . . : No > WINS Proxy Enabled. . . . . . . . : No > DNS Suffix Search List. . . . . . : Chichester [THIS IS > CORRECT, YES?] No, this is a single label name. The client side resolver will ignore ir when trying to resolve a single name (such as a ping). This setting is used by the client side resolver to add to the single name it is trying to resolve. So if you have a machine called LESTER, and you try to ping it, it will be pinging lester.chichester. But this is not in a correct format because in that name it will think it is a domain name and not amachine becaues it will assume that 'chichester' is a TLD (such as com, edu, net, local, etc). It will be ignored. > > Ethernet adapter Local Area Connection: > Media State . . . . . . . . . . . : Media disconnected > Description . . . . . . . . . . . : Broadcom NetXtreme 57xx > Gigabit Controller > Physical Address. . . . . . . . . : 00-1C-23-1A-A2-09 > > Ethernet adapter Wireless Network Connection: > Connection-specific DNS Suffix . : gateway.2wire.net > Description . . . . . . . . . . . : Dell Wireless 1505 Draft > 802.11n WLAN Mini-Card > Physical Address. . . . . . . . . : 00-1D-D9-49-99-BF > Dhcp Enabled. . . . . . . . . . . : Yes > Autoconfiguration Enabled . . . . : Yes > IP Address. . . . . . . . . . . . : 192.168.3.3 [HOME] > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > Default Gateway . . . . . . . . . : 192.168.3.100 [HOME] > DHCP Server . . . . . . . . . . . : 192.168.3.100 [HOME] > DNS Servers . . . . . . . . . . . : 192.168.3.100 [HOME ROUTER > - OK AS NO NEED FOR INTERNAL DNS HERE] Then don't expect it to resolve any internal names. > Lease Obtained. . . . . . . . . . : 14 December 2009 12:32:11 > Lease Expires . . . . . . . . . . : 15 December 2009 12:32:11 > > PPP adapter To Vigor: [VPN TO WORK] > Connection-specific DNS Suffix . : [SHOULD THIS BE SET? IF SO > I WILL HAVE TO CONSULT DRAYTEK] > Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface > Physical Address. . . . . . . . . : 00-53-45-00-00-00 > Dhcp Enabled. . . . . . . . . . . : No [ODD AS WORK ROUTER IS > ENABLED...] This is because the PPP interface (the VPN) is getting an IP from the VPN server, hence your router. It's how it shows up. > > IP Address. . . . . . . . . . . . : 192.168.36.21 [NEW WORK IP > GIVEN] > Subnet Mask . . . . . . . . . . . : 255.255.255.255 > Default Gateway . . . . . . . . . : 192.168.36.21 [ODD THIS IS > NOT 36.100] > DNS Servers . . . . . . . . . . . : 192.168.36.200 [CORRECT!] > > 158.152.1.58 [SEE ABOVE RE > ENTERING .200 AGAIN OR NOT] Just need it once. > > Thank you so much for the time it must take in reading all this I > really appreciate the effort. Where are you located? Chichester is actually a town in my area outside of Philly. Have you considered hiring a qualifed tech that is familiar with this stuff to assist you in getting it configured? I think due to some of the technology you require, a qualified person may be better suited to assist and configure this for you, that can also explain all the settings. You have to make sure, however, that this person is actually qualified and understands name resolution in depth. there are not that many out there that know it in depth. Many are familiar with it, and can make it work, but the majority are not familiar with it in depth. Ace |
|
|
|
|
|||
|
|
|||
|
Ace Fekay [MCT]
Guest
Posts: n/a
|
> On 15 Dec, 04:53, Ace Fekay [MCT] <ace...@mvps.RemoveThisPart.org>
> wrote: >>> OK, the update went well and things are definately better. *Speed has >>> gone from 500 Bps (TX) to over 11,000! *and pings are working on names >>> too. *But although the DNS seems to work I do not understand yet if I >>> have done things correctly. >> >>> I HAVE set the router at work to point internally to my DNS server for >>> the primary as the internal DNS points to the external ISP servers. *I >>> think this is what you are stating MUST happen. * >> >> The internal DNS should also point to *itself.* >> >> You will also want to configure a Forwarder. Right-click the DNS server >> name, properties, Forwarders tab, and type in the ISP's DNS in there, >> not the router. >> >>> I only have one DNS >>> so the "default" 2nd internet one appears in the ipconfig for the >>> secondary server. *The only way I can get rid of this is to add my >>> primary DNS in both slots. *Or... would it make more sense to have the >>> 2nd router DNS slot pointing to the primary internet DNS? * >> >> If you only have one internal server, only point to itself and leave >> the other one blank. >> >>> As my >>> server should always be up I can't see that the secondary server will >>> ever be used. *Because the ISP sets the DNS settings automatically on >>> connection there is a manual override. >> >> If you can use the manual override, that is good, so you can set it to >> use the internal DNS server only. >> >> >> >>> Setting option 015 is beyond the web-based GUI for my router. *I will >>> have to enquire with Draytek re this one. * >> >> Option 015 (one of over 50 configurable options) is not quite a >> standard option, rather is is well used option within many >> infrastructures. It sets the Search Suffix for the connection that is >> getting a DHCP provided IP configuration. >> >>> Once set are you saying >>> that the zone will be sent as part of the IP config to the PC by the >>> DHCP so that that PC will get its DNS requests setup correctly? * >> >> Yes, that is correct. >> >>> If so >>> is another way to make sure the TCP/IP config is manually configured >>> under the DNS tab? *Again, if so please could you take me through each >>> option? *I know this must seem really basic but it seems that really >>> obvious stuff is so obvious no one every lists it on the web! >> >> You can set it manually in the bottom portion of the DNS tab by >> clicking "Append these DNS suffixes, and enter them in the box. >> >> Remember, "CHICHESTER" is NOT a valid suffix, as I previously >> explained, nor is it a valid DNS zone. >> >> >> >>> My DNS now. *The zone is called "Chichester". *Your comments about a >>> single lable name make me ask is my naming of the zone correct? *and >>> when you say that it must be a proper FQDN do you mean the name of the >>> DNS server, i.e. pigotts01.chichester? >> >> No, it must be in teh form of: >> chichester.com >> chichester.local >> chichester.net >> chichester.lester >> chichester.whatever >> etc >> >> Notice how the zone name is hierarchal? A zone name is also the domain >> name. There is no such thing as a single label DNS domain name. Matter >> of fact, as I previously stated a couple of times, DNS does NOT know >> how to handle a single label name and will cause *excessive* DNS query >> traffic to the Internet Root Servers. >> >> Therefore, with any of the zones you choose above (whatever it may be), >> your machine called "pigotts01" will have an FQDN (Fully Qualified >> Domain Name) of: >> pigotts01.chichester.whatever >> >> Keep in mind, choose a zone name that is not a public zone name such as >> your own public zone, or additional administrative overhead will be >> required to allow you to get to your own public website. Choose >> something generic and private, such as: >> >> chichester.local >> >> >> >>> On looking at the Forward Lookup screen I note that in the Data column >>> for SOA and NS the server is just listed as "pigotts01." should this >>> have the zone at the end as well? *Same holds for the Reserve part. >> >> As I said, DNS does NOT know how to handle a single label name. It >> cannot register it into DNS, which is why the single name in the NS and >> SOA. If the server is set to use the router, it will never get to >> register into it's own DNS server either because if it is set to use >> the router, you are telling your own server to send the registration >> request to the ISP's DNS, and it won't know what it's talking about. >> >> >> >>> MY NEW IPCONFIG WITH COMMENTS/QUESTIONS IN [CAPS]: >>> Windows IP Configuration >>> * * * * Host Name . . . . . . . . . . . . : Hermes >>> * * * * Primary Dns Suffix *. . . . . . . : [SHOULD THIS BE SET? *IF >>> SO HOW PLEASE?] >>> * * * * Node Type . . . . . . . . . . . . : Broadcast >>> * * * * IP Routing Enabled. . . . . . . . : No >>> * * * * WINS Proxy Enabled. . . . . . . . : No >>> * * * * DNS Suffix Search List. . . . . . : Chichester [THIS IS >>> CORRECT, YES?] >> >> No, this is a single label name. The client side resolver will ignore >> ir when trying to resolve a single name (such as a ping). This setting >> is used by the client side resolver to add to the single name it is >> trying to resolve. So if you have a machine called LESTER, and you try >> to ping it, it will be pinging lester.chichester. But this is not in a >> correct format because in that name it will think it is a domain name >> and not amachine becaues it will assume that 'chichester' is a TLD >> (such as com, edu, net, local, etc). It will be ignored. >> >> >> >> >> >>> Ethernet adapter Local Area Connection: >>> * * * * Media State . . . . . . . . . . . : Media disconnected >>> * * * * Description . . . . . . . . . . . : Broadcom NetXtreme 57xx >>> Gigabit Controller >>> * * * * Physical Address. . . . . . . . . : 00-1C-23-1A-A2-09 >>> Ethernet adapter Wireless Network Connection: >>> * * * * Connection-specific DNS Suffix *. : gateway.2wire.net >>> * * * * Description . . . . . . . . . . . : Dell Wireless 1505 Draft >>> 802.11n WLAN Mini-Card >>> * * * * Physical Address. . . . . . . . . : 00-1D-D9-49-99-BF >>> * * * * Dhcp Enabled. . . . . . . . . . . : Yes >>> * * * * Autoconfiguration Enabled . . . . : Yes >>> * * * * IP Address. . . . . . . . . . . . : 192.168.3.3 [HOME] >>> * * * * Subnet Mask . . . . . . . . . . . : 255.255.255.0 >>> * * * * Default Gateway . . . . . . . . . : 192.168.3.100 [HOME] >>> * * * * DHCP Server . . . . . . . . . . . : 192.168.3.100 [HOME] >>> * * * * DNS Servers . . . . . . . . . . . : 192.168.3.100 [HOME ROUTER >>> - OK AS NO NEED FOR INTERNAL DNS HERE] >> >> Then don't expect it to resolve any internal names. >> >>> * * * * Lease Obtained. . . . . . . . . . : 14 December 2009 12:32:11 >>> * * * * Lease Expires . . . . . . . . . . : 15 December 2009 12:32:11 >>> PPP adapter To Vigor: [VPN TO WORK] >>> * * * * Connection-specific DNS Suffix *. : [SHOULD THIS BE SET? IF SO >>> I WILL HAVE TO CONSULT DRAYTEK] >>> * * * * Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface >>> * * * * Physical Address. . . . . . . . . : 00-53-45-00-00-00 >>> * * * * Dhcp Enabled. . . . . . . . . . . : No [ODD AS WORK ROUTER IS >>> ENABLED...] >> >> This is because the PPP interface (the VPN) is getting an IP from the >> VPN server, hence your router. It's how it shows up. >> >> >> >>> * * * * IP Address. . . . . . . . . . . . : 192.168.36.21 [NEW WORK IP >>> GIVEN] >>> * * * * Subnet Mask . . . . . . . . . . . : 255.255.255.255 >>> * * * * Default Gateway . . . . . . . . . : 192.168.36.21 [ODD THIS IS >>> NOT 36.100] >>> * * * * DNS Servers . . . . . . . . . . . : 192.168.36.200 [CORRECT!] >>> * * * * * * * * * * * * * * * * * * * * * * 158.152.1.58 [SEE ABOVE RE >>> ENTERING .200 AGAIN OR NOT] >> >> Just need it once. >> >> >> >>> Thank you so much for the time it must take in reading all this I >>> really appreciate the effort. >> >> Where are you located? Chichester is actually a town in my area outside >> of Philly. >> >> Have you considered hiring a qualifed tech that is familiar with this >> stuff to assist you in getting it configured? I think due to some of >> the technology you require, a qualified person may be better suited to >> assist and configure this for you, that can also explain all the >> settings. You have to make sure, however, that this person is actually >> qualified and understands name resolution in depth. there are not that >> many out there that know it in depth. Many are familiar with it, and >> can make it work, but the majority are not familiar with it in depth. >> >> Ace > > Ace by name Ace by nature! Thanks a lot for this detail. Can't > afford a tech guy sadly as we are such a small firm, even for an hour > or two. This Chichester is in Sussex in the UK! > > I will change the local zone to be chichester.local - I missed what > you meant earlier but now it is clear, thanks. I feel that once this > zone is sorted then I should be done. Thanks again. I was going to offer to possibly swing by and straighten this out, but the UK is across the big pond from me. Interview some IT folks explaining what you have, and see what they will charge to assist. Ace |
|
|
|
|
|||
|
|
|||
|
Ace Fekay [MCT]
Guest
Posts: n/a
|
>
> Ace, all seems to be working fine. However not sure what you meant by > "The internal DNS should also point to *itself.* " Where is this set > up? Maybe I have done it without knowing! That is done in the network card's properties. When you type in the DNS IP address in the network card properties, you simply just type in its own IP address, then click OK. > If I run nslookup all > seems ok and I can ping the DNS server. The only other query now is > that under the Reverse Lookup Zone settings the data column has put a > dot after the zone name for each entry. I tried to remove it but it > came back! Is this ok? i.e. "pigotts01.chichester.local." That is fine and default. At least you got this part working. See how easy it is? > Many > thanks. You are welcome, Ace |
|
|
|
|
|||
|
|
|||
|
|
|
| |
|
| Thread Tools | |
| Display Modes | |
|
|
Forum Software Powered by vBulletin®, Copyright Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.2 ©2009, Crawlability, Inc. |
Linear Mode
