Re: SBS2003: RAS-access via VPN (PPTP): DNS-problem
From: Joe (joe_at_jretrading.com)
Date: 03/17/05
- Next message: happysbsuser: "CEICW fails to start configuration"
- Previous message: joshandjoy_at_gmail.com: "Re: RWW interesting issue"
- Maybe in reply to: Franz Leu: "Re: SBS2003: RAS-access via VPN (PPTP): DNS-problem"
- Next in thread: Joe: "Re: SBS2003: RAS-access via VPN (PPTP): DNS-problem"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 17 Mar 2005 21:56:17 +0000
In message <e3c8c00c.0503160419.3ced7faa@posting.google.com>, Andy
<12121912@gmx.net> writes
>Hello!
>
>We use a SBS2003 which is connected to the internet by a router (Cisco
>SOHO 91, IP-adress: 10.0.0.254) and the router's integrated
>hardware-firewall.
>
>Thats why we use only one network-interface-card in the SBS2003, the
>IP-adress of the server is 10.0.0.1 (static), the LAN-clients get
>their IP-adress from the DHCP-server of the SBS2003
>
>Anything is working proper with this configuration but little problems
>occur on remote-acess via VPN
>
>The router is configured to let VPN-connections (PPTP) pass through to
>the SBS2003. A VPN-connection can be established to the SBS2003.
>
>That's the situation.
>
>Due to several reasons we do not want the RAS-Server to assign
>IP-adresses to the RAS-clients via the DHCP-server (out of the
>internal range 10.0.0.x). Therefore we have configured the
>routing-and-RAS-service to use a static adress-pool (10.10.10.10 bis
>10.10.10.20) for incoming VPN-connections. This work proper. If
>somebody establishes a VPN-connection, the SBS2003-server will appear
>as 10.10.10.10, the VPN-client's ip will be one out of the range
>10.10.10.11 - 10.10.10.20)
>
>The reason why we need to use a different IP-pool than the internal
>(10.0.0.x) for the RAS-client is that the remote client itself also is
>using an internal IP-adress in the same range 10.0.0.x for its
>LAN-connection to its router and the internet.
>
>Now the problem:
>
>When we have established a VPN-connection to the SBS2003, it is not
>possible to reach the SBS2003 with its network-name (sbs2003-server)
>(for example with http://sbs2003-server or sbs2003-server in
>remote-desktop-connection). Obviously the internal DNS-server (at
>10.0.0.1) cannot be reached thorugh the VPN-connection.
>
>If we use the servers VPN-IP-adress 10.10.10.10, both the
>browser-connection and the remote-desktop-connection work perfect.
>Thats why we believe the problem to be a DNS-issue.
>
>Now the question:
>How can we achieve that a remote client can use the internal
>DNS-Server of the SBS2003 through a VPN-connection. DNS-resolving must
>work.
>
>Note:
>Changing the IP-adress-ranges of the SBS2003-network (10.0.0.x) AND
>the remote LAN (also 10.0.0.x) is not possible due to several reasons.
>
>Any ideas?
It is possible to configure SBS to respond to DNS queries on interfaces
other than its LAN one. The other half of the answer is whether SBS is
guaranteed to use one particular address from its range (10.10.10.10 in
this case) for its end of the VPN, because if not then the process
cannot be automatic. I don't know if this can be done.
-- Joe
- Next message: happysbsuser: "CEICW fails to start configuration"
- Previous message: joshandjoy_at_gmail.com: "Re: RWW interesting issue"
- Maybe in reply to: Franz Leu: "Re: SBS2003: RAS-access via VPN (PPTP): DNS-problem"
- Next in thread: Joe: "Re: SBS2003: RAS-access via VPN (PPTP): DNS-problem"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
