Re: Using DNS & DHCP in multiple sites...
From: Ulf B. Simon-Weidner [MVP] (nospam2-ulf_at_usw-consulting.com)
Date: 04/12/04
- Next message: Bill Reeves: "Win2K3 lost in AD"
- Previous message: Bill Reeves: "Win2K3 lost in AD"
- In reply to: Me: "Re: Using DNS & DHCP in multiple sites..."
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 13 Apr 2004 00:39:12 +0200
Hello Darcy,
answers inline
says...
> Good Day Sir,
>
I'm not Sir - I'm Ulf ;-)
> I have to say thank you so much! You have given me a wonderful,
> descriptive explanation that actually makes sense to me! I really
> appreciate this. I was pretty much right on most of my thinking.
>
Thanks - blush
> My 3Com Firewall (used for the VPN hub and 'central' internet
> access) provides DHCP Relay. I take it that enabling this and
> entering the correct IP of my DHCP server and the IP subnets will
> allow the clients to send requests over the VPN.
>
Test that first - since you use your Firewall as VPN-Hub + DHCP-Relay
I'm not sure which wins - will it route DHCP-Request via VPN or is it
handling those outside - just check that since it might depend on the
device. It would be supposed to work, but make sure.
> You answered my question about DNS and replication nicely. I will
> configure AD DNS at each site and use replication.
You just need to configure it once - the zones will transfer
automatically if the DNS-Server is on a DC.
> I would like
> the clients to browse the internet via my Firewall at my main site
> where we have content filtering enabled rather than by using the
> local ISP. (This would cause more traffic over the VPN I guess,
> but saves me money on filtering subscriptions at each site.)
>
That's also very common. Depending if you have decentral or central
ISPs and Firewalls you go directly from the sites to the internet or
just central.
In your case going to the internet centrally over the firewall makes
perfect sense.
> Would I just use the address of my main firewall as the Default
> Gateway setting sent to my clients in the DHCP configuration? Or
> do I just set up DNS forwarding on each of the remote sites' DNS
> back to my main DNS server?
>
You set the default gateway to your router/firewall which is local
(your 3Com device).
You configure all DNS-Servers either to forward to the central
DNS-Server, or to a DNS-Server in a DMZ or at your ISPs (or your
central firewall - whoever is resolving external records).
It would even be possible not to resolve external DNS-Records for your
clients, but provide them (IE) with a proxyserver which is able to
resolve external DNS-Records. Depends on what you want to do and what
services you need to access externally.
> Hope you don't mind answering a couple more questions!
>
Nope - never - if you have further questions you are welcome.
Gruesse - Sincerely,
Ulf B. Simon-Weidner