RE: VPN Clients Not Registering in AD DNS



Hello Customer,

Thank you for posting here.

From your post, I understand that after the clients connect to the server
via VPN, the DNS records of the VPN clients are unable to be registered. If
I have misunderstood your concern, please feel free to correct me.

Firstly, I would like to confirm: what system is installed on the
VPN server? SBS 2003? Windows 2003 server?

If it is Windows 2003 Server, please let me know.

This issue can be caused by several factors. I would like to confirm:
is there a third-party firewall installed in your network?

If yes, I suggest you temporarily remove it and check if it is the cause.
Please refer to the following article for more information:

DNS records may not be updated successfully over a VPN connection in
Windows 2000 Server
http://support.microsoft.com/?id=887428

NOTE: This article also applies to SBS 2003.

If it is not the case, let's move on:

Suggestion 1: Re-running CEICW on SBS server:
=============================
Let's re-run CEICW to reset the network configuration. Please refer to
the following article to do this.

How to configure Internet access in Windows Small Business Server 2003
http://support.microsoft.com/kb/825763/en-us

If the issue persists, please let me know whether the clients get the IP
address from a DHCP server or from the static address pool. If a DHCP
server is being used, is it an external DHCP server or DHCP service on the
VPN server?

If the VPN clients get the IP addresses from the DHCP service on the VPN
server, I suggest you try enabling DHCP to register DNS record for the
clients:

NOTE: If you do not use DHCP service on the VPN server, please skip
suggestion 1.

Suggestion 2: Enable DHCP to register DNS record for the clients
========================================
1. Run the command DHCPMgmt.msc to bring up the DHCP console
2. Expand the server. Right click Server and click Properties
3. In the DNS tab, please click to check the box "Enable DNS dynamic
updates according to the settings below"
4. Please restart the DHCP service.
5. Please check if the issue persists.

Suggestion 3: Installing Hotfix 885865 on the client workstations
=======================
This issue can also be caused by a problem on Windows XP clients.

I suggest you refer to the following article and install Hotfix 885865 on the
clients:

Other computers on the network cannot connect to your Windows XP Service
Pack 2-based DHCP client computer after you log on to a network that is
running the DHCP Server service
http://support.microsoft.com/kb/885865

Suggestion 4: Checking the RRAS setting:
=======================
1. Open Routing and Remote Access management
2. Right click server and click properties
3. Click IP tab.
4. Set Server Local Area Connection for broadcast name resolution.
5. Click OK.
6. Stop and restart RRAS and check if the issue persists.

Suggestion 5: Allow Secure and Non-secure update
================================
1. Open DNS management
2. Expand Forward Lookup Zone and right click the zone of your domain and
click properties
3. Change the Dynamic update method to Nonsecure and secure
4. Click OK.
5. Stop and start the DNS service.
6. Connect a client to the server via VPN and check if the DNS record is
registered.

I hope the above information is helpful to you. However, if the issue
persists, please help me gather the following information:

1. TEST:
=======
1. Connect a client to the server via VPN
2. On the client workstation, click Start-->Run, type cmd and click OK.
3. Type ipconfig /registerdns
4. Please check if the DNS record is registered properly and let me know
the result.

2. Please designate a VPN client for troubleshooting. Then please collect
the MPS report on the VPN client and the DNS server. The MPS Report is
utilized to gather detailed information regarding a system's current
configuration. The data collected will assist me with problem isolation. To
do this,

a. Download the MPS Report Tool from the following link:
http://download.microsoft.com/download/b/b/1/bb139fcb-4aac-4fe5-a579-30b0bd915706/MPSRPT_NETWORK.EXE

b. After the download is complete, double-click this "MPSRPT_NETWORK.EXE"
file. Then a CAB file will be generated called
%COMPUTERNAME%_MPSReports.CAB. For example, if your computer name is
"MyComputer", this CAB file will be named "MyComputer_MPSReports.CAB". When
you are prompted "Include the MSINFO32 report?", please input Y to continue.

c. Open My Computer, browse to the
"%systemroot%\MPSReports\Network\Reports\CAB" folder. You can find the CAB
file.

d. Please send the 2 CAB files to my mailbox: v-mzhuan@xxxxxxxxxxxxx

3. Please export the DNS zone information by using the dnscmd tool. The
dnscmd tool is included in the Windows support tools which can be found on
the Windows server CD. Please run the X:\SUPPORT\TOOLS\SUPTOOLS.MSI file
from the CD to install the support tools on the DNS server. (X: represents
the CD-ROM)

After installing the support tools, please run the following command on the
DNS server under the command prompt.

dnscmd /enumzones > c:\dns.txt

Please send the dns.txt to me.

Please try the above steps at your earliest convenience. If you have any
concerns, please feel free to let me know.

Best regards,

Manfred Zhuang(MSFT)
Microsoft Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.
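
Added example (not part of the original post, and not Microsoft's code): Suggestion 5 leaves the zone accepting updates without authentication, so this Python sketch reads the dns.txt export from step 3 and lists zones in that state for review once troubleshooting is done. The sample export is constructed, and the row layout, the "Update"/"Secure" property markers and the zone type names are assumptions about the dnscmd /enumzones output.

```python
# Added example: audit the dns.txt written by `dnscmd /enumzones > c:\dns.txt`.
# Assumption: each zone row reads "name type storage [properties...]", and the
# Properties column shows "Update" for a zone that accepts nonsecure and secure
# updates and "Secure" for a secure-only zone.

# Constructed sample export; zone names are made up.
SAMPLE_DNS_TXT = """\
Enumerated zone list:
        Zone count = 4

 Zone name                      Type       Storage         Properties

 .                              Cache      AD-Legacy
 _msdcs.example.local           Primary    AD-Legacy       Secure
 example.local                  Primary    AD-Legacy       Update Aging
 16.168.192.in-addr.arpa        Primary    File            Rev

Command completed successfully.
"""

# Assumed set of values for the Type column; used to tell zone rows from banners.
ZONE_TYPES = {"Cache", "Primary", "Secondary", "Stub", "Forwarder"}


def parse_enumzones(text):
    """Return one dict per zone row, skipping banner and header lines."""
    zones = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[1] not in ZONE_TYPES:
            continue
        props = fields[3:]
        if "Update" in props:
            mode = "nonsecure-and-secure"
        elif "Secure" in props:
            mode = "secure-only"
        else:
            mode = "none"
        zones.append({"name": fields[0], "type": fields[1],
                      "storage": fields[2], "update": mode})
    return zones


def zones_allowing_nonsecure(zones):
    """Names of zones that accept unauthenticated dynamic updates."""
    return [z["name"] for z in zones if z["update"] == "nonsecure-and-secure"]


if __name__ == "__main__":
    for zone in parse_enumzones(SAMPLE_DNS_TXT):
        print(f'{zone["name"]:<28} {zone["storage"]:<10} {zone["update"]}')
    print("review:", zones_allowing_nonsecure(parse_enumzones(SAMPLE_DNS_TXT)))
```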
