Re: DDNS over vpn connection
- From: Caryn Condon <CarynCondon@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 22 Apr 2009 07:08:17 -0700
Hello,
Sorry it took so long for me to respond. This past weekend we successfully
completed our upgrade from NT4 to Win2k3 AD.
We also resolved the issue with DDNS not working over our vpn connection. It
was definitely related to the version of Checkpoint we are running - R55.
What we did was implement a regisstry solution that allows the traffic to
flow between the 2 sites via the vpn. As I mentioned before, the network guy
confirmed that our vpn is setup to NOT block anything but we still had the
problems so with a little research we came across this solution:
http://support.microsoft.com/default.aspx/kb/899148
On our Win2k3 R2 remote domain controller we added the
Server2003NegotiateDisable entry in
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Rpc
Eventually we will be upgrading the Checkpoint version on our firewall but
until then this fix should get us through until that point.
Thank you for all of your help. I hope this information will be helpful to
someone else.
-Caryn
"Ace Fekay [Microsoft Certified Trainer]" wrote:
"Caryn Condon" <CarynCondon@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message.
news:B71F119E-32AB-411D-A1F7-674DE13B2025@xxxxxxxxxxxxxxxx
Hello Ace,
I noticed your post to another thread I have. Thanks for the response
there.
I think I mistakenly posted there instead of this thread. Anyway, I have
gone
through your list and have answered them below.
At this point I'm not sure if we will get ddns working before tomorrow and
I'm ok with that for the near term. However, I am concerned about the
ability
of the AD Integrated DNS being able to replicate from Site A to Site B.
14. Primary DNS suffix matches the zone name in DNS and the AD domainN/A at this time since we are not AD yet. When we do upgrade this weekend
name?
they will match.
The MUST match, or how is the client supposed to register? The client
machine uses this name to find that name in DNS that it will update into.
Basic rule of registration.
19. Single Label Domain Name?Yes.
If the AD DNS domain name (not the NT4 name) is single label (domain vs the
required miniimum of domain.com, domain.whatver, etc), DNS will not
register. Carefully choose the AD DNS domain name to keep wtih this format.
22. Some sort of firewall in place, whether the Windows firewallWe are further exploring the issue of the firewall as mentioned in my
disabling
File and Print Services, or a 3rd party firewall, which many AV programs
now
have built in and must be adjusted to allow this sort of traffic and
exclude
the NTDS and SYSVOL folders .
other
thread.
I think this is the root cause across the VPN. The router needs to be
updated to support ENDS0 and allow this type of DNS traffic through.
Let me know how you make out with the firewall issue.
Ace
- Follow-Ups:
- Re: DDNS over vpn connection
- From: Ace Fekay [Microsoft Certified Trainer]
- Re: DDNS over vpn connection
- References:
- DDNS over vpn connection
- From: Caryn Condon
- Re: DDNS over vpn connection
- From: Ace Fekay [Microsoft Certified Trainer]
- Re: DDNS over vpn connection
- From: Caryn Condon
- Re: DDNS over vpn connection
- From: Ace Fekay [Microsoft Certified Trainer]
- Re: DDNS over vpn connection
- From: Caryn Condon
- Re: DDNS over vpn connection
- From: Ace Fekay [Microsoft Certified Trainer]
- DDNS over vpn connection
- Prev by Date: Resolving Hosname to IP without DNS(static/dynamic) IP
- Next by Date: Re: DDNS over vpn connection
- Previous by thread: Re: DDNS over vpn connection
- Next by thread: Re: DDNS over vpn connection
- Index(es):
Relevant Pages
|
