Re: VPN Clients and DNS/WINS registration
From: ptwilliams (ptw2001_at_hotmail.com)
Date: 06/30/04
- Next message: 8432: "AD errors"
- Previous message: Herb Martin: "Re: IPSec and Client Restriction"
- In reply to: Thomas W Shinder [MVP]: "Re: VPN Clients and DNS/WINS registration"
- Next in thread: Thomas W Shinder [MVP]: "Re: VPN Clients and DNS/WINS registration"
- Reply: Thomas W Shinder [MVP]: "Re: VPN Clients and DNS/WINS registration"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 30 Jun 2004 22:51:11 +0100
Ah well, the 2004 book *is* more important.
I'll let you off...
Glad to hear that's coming along ;-)
-- Paul Williams _________________________________________ http://www.msresource.net Join us in our new forums! http://forums.msresource.net _________________________________________ "Thomas W Shinder [MVP]" <tshinder@hotmail.com> wrote in message news:uMV3HhuXEHA.3156@TK2MSFTNGP12.phx.gbl... Hi Paul, LOL! I do think about it everyday. :-) I've been busy writing the ISA 2004 book, so it keeps getting on the back burner. The good news is that chapter6 will have the complete VMware procedure for the example network used throughout the book. So, by the time Chapter 6 is finished, that content will be ready and I'll post it to the www.isaserver.org site (No, don't ask me to do it for VPC too :-) Thanks! -- Tom www.isaserver.org/shinder Get the book! Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls "ptwilliams" <ptw2001@hotmail.com> wrote in message news:O2mRGLsXEHA.1980@TK2MSFTNGP10.phx.gbl... : Hey Tom, we don't see you here often ;-) : : How's that ISA/VMware article coming along??? : : (I'll have to write it myself at this rate <grin>) : : -- : : Paul Williams : _________________________________________ : http://www.msresource.net : : : Join us in our new forums! : http://forums.msresource.net : _________________________________________ : "Thomas W Shinder [MVP]" <tshinder@hotmail.com> wrote in message : news:uSHLY8lXEHA.2816@TK2MSFTNGP11.phx.gbl... : Hi Bill, : : I routinely turn off this function for VPN clients, as you'll end up with a : holy mess of your own making. However, you are correct, the VPN clients can : leverage DDNS to register their names and create subsequent problems. : : HTH, : -- : Tom : www.isaserver.org/shinder : ISA Server and Beyond: http://tinyurl.com/1jq1 : Configuring ISA Server: http://tinyurl.com/1llp : ISA Server and Beyond Seminars - http://tinyurl.com/9sce : MVP -- ISA Server 2000 : : : "Bill Grant" <not.available@online> wrote in message : news:eO6dA4kXEHA.3988@tk2msftngp13.phx.gbl... : : On re-reading the original post, we (except Herb) seem to be missing : the : : point. What he really wants to do is resolve the name of the remote client : : from the LAN end. This requires the remote client to register its name and : : VPN IP address correctly in WINS and/or DNS. : : : : Registering in WINS should work as long as the client gets the correct : : WINS address. The problem with registering "transient" connections in WINS : : is that they hang around for quite a while after the user disconnects. : : : : One suggestion I have seen (and tried in a test setup) uses DDNS. : : Create a zone for the remotes (say remotes.mydomain.com ) and set the : client : : to register in DNS with this suffix. The zone should, at any time, have : : entries for all currently connected remote clients. : : : : "Ace Fekay [MVP]" : : <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in : : message news:uZhFT$jXEHA.1584@TK2MSFTNGP10.phx.gbl... : : > In news:OGrpV3iXEHA.1440@TK2MSFTNGP12.phx.gbl, : : > ptwilliams in <ptw2001@hotmail.com> posted their thoughts, then I : offered : : > mine : : > > >You mean lowest numeric for the preferred "interface", right? : : > > (So what we really need to do is bump the cost up on the hardware : : > > NICs so that they will always be greater.) : : > > : : > > Yes, I always use highest - but I meant highest as in highest : : > > priority - lowest number in reality ;-) : : > > : : > > : : > > >I don't think this is dynamic though when the interfaces are : : > > added; is that correct or not? At least not for NEW "registration" : : > > -- it will start using that DNS for resolution and will register : : > > there if we Re-Register DNS (or WINS) but it won't just do it without : : > > prompting I think. : : > > : : > > I honestly don't know!! I guess it depends on the DNS Registration : : > > settings, and the aging settings...but I'm not sure. : : > > : : > > I see what you are saying, and this is perhaps not dynamic enough; : : > > but with a little effort it certainly works. The issue is, as you : : > > imply, for non-admin users... :-( : : > > : : > > : : > : : > As with anything else, something to be tested. I've heard of so many : : > different solutions, its hard to say what's best. But whatever works is : : what : : > I say! : : > :-) : : > : : > -- : : > Regards, : : > Ace : : > : : > Please direct all replies ONLY to the Microsoft public newsgroup so all : : > can benefit. : : > : : > This posting is provided "AS-IS" with no warranties and confers no : : > rights. : : > : : > Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP : : > Microsoft Windows MVP - Active Directory : : > : : > HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a : : > pig. -- : : > ================================= : : > : : > : : : : : : :
- Next message: 8432: "AD errors"
- Previous message: Herb Martin: "Re: IPSec and Client Restriction"
- In reply to: Thomas W Shinder [MVP]: "Re: VPN Clients and DNS/WINS registration"
- Next in thread: Thomas W Shinder [MVP]: "Re: VPN Clients and DNS/WINS registration"
- Reply: Thomas W Shinder [MVP]: "Re: VPN Clients and DNS/WINS registration"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
