VPN, IPsec, and Dynamic DNS. Please Help.

[NaBurn]

I am having problems establishing a true two-way ipsec tunnel between clients on the vpn and computers in our office. The problem is w/ dns/wins. when the users are in the office they get a dhcp lease and that updates dns. When they go home they get a new dhcp lease from the isp and that does not update dns. WINS does update w/ the same wins server but the DNS record trumps it. You can force an update w/ the dns server by doing ipconfig /registerdns, but this registers the isp's ip address and not the NAT address. Has anybody been able to get this to work simply. We need to be able to push security and virus updates out through the vpn and we can't do that unless we have an accurate dns record. WINS could be viable if we didn't allow the DHCP server (local) to update dns, then WINS would resolve. But we would like to get rid of WINS all together. Any Suggestions??

 

[yizhar]

HI

The VPN client gets 2 IP addresses.
The first is a registered internet IP from the ISP.
This one should not be registered on your DNS for my opinion since it does not play in the "internal" game.

The second is the IP from the RRAS server (or other VPN server) .
This one could be registered in your DDNS internal server for name resolution.
Maybe if you configure your RRAS server to use DHCP for its clients (instead of a preconfigured IP range), this might solve part of your problem since your DHCP server can then update DDNS.

Bye
Yizhar Hurwitz

http://come.to/yizhar

http://teachers.sivan.co.il/yizhar