DNS Remote access VPN

m.surtees
Level 1

Hi,

Although generally using no-split-tunnelled RA VPN setups, there are some instances where it is necessary. Some staff work extensively on a customer site and need access to our resources as well as those of the site.

It seems to me that the big sticking point in all this is DNS. If you assign a DNS svr via the group-policy then you have the same problem you would if you did not assign one and left it with the remote site's DHCP assigned svr.

For the not too IT literate it is very difficult to explain how to connect their Exchange svr or file share while still being able to access local file shares and printers.

Anyone know of a way to overcome this problem? (Or if I have not explained it properly)

Any help much appreciated,

Michael

3 Replies

Collin Clark
VIP Alumni

One way is to use SSLVPN (Cisco is headed that way anyway) and create a portal for your servers. TS & Citrix will work best.

Hope that helps.

Hi Collin .. afraid it doesn't. SSL VPNs require expensive licensing I believe (pls correct me if I'm wrong) and my Co. is a scrooge at the moment.

We have a TS but if all the required users jump on it at the same time it will die.

Re: Citrix see comments on $$ for SSL VPN

Thanks anyway.

Regards,

Mike

m.surtees
Level 1

Fixed my own problem .. comes down to DNS suffixes.

group-policy POLICY-01 attributes
 <..snip..>
 ! the DNS of home - i.e. to whom the vpn clients are connecting to
 dns-server value x.x.x.x
 <..snip..>
 split-tunnel-policy tunnelspecified
 <..snip..>
 ! customer site which RA have access to via split-tunnel
 default-domain value local.site.suffix
 split-dns value home.company.suffix
 <..snip..>

As the site DNS is configured when a DHCP address is granted, the configuration of the remote DNS just adds one. Then, using the first one and if necessary the other by virtue of the suffix, it seems to fix all those user quirks like drive mappings and print servers etc. with just the win friendly hostnames (not FQDN).

Does the trick at any rate.

Hope this is useful to someone else

Michael
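The suffix-based routing described in the post above, modelled as an added example (not part of the original thread and not Cisco's client code). It assumes the client's suffix search list holds the default-domain followed by the split-dns domain; the resolver labels and sample hostnames are constructed.

```python
# Added example: models split-DNS routing for the group-policy in the thread.
# Assumptions (not from the post): the search-list order, the resolver labels,
# and the sample hostnames used in the demo at the bottom.

SPLIT_DNS = ["home.company.suffix"]                # split-dns value
SEARCH_LIST = ["local.site.suffix",                # default-domain value
               "home.company.suffix"]              # assumed second suffix
TUNNEL_DNS = "tunnel (dns-server value x.x.x.x)"
LOCAL_DNS = "local (DHCP-assigned site DNS)"


def normalize(name):
    """Lower-case and drop the trailing root dot so comparisons are stable."""
    return name.strip().lower().rstrip(".")


def in_domain(fqdn, domain):
    """True if fqdn is the domain or below it, matching on label boundaries."""
    fqdn, domain = normalize(fqdn), normalize(domain)
    return fqdn == domain or fqdn.endswith("." + domain)


def resolver_for(fqdn):
    """Names under a split-dns domain use the tunnel DNS, the rest stay local."""
    return TUNNEL_DNS if any(in_domain(fqdn, d) for d in SPLIT_DNS) else LOCAL_DNS


def candidates(name):
    """Expand a name the way a stub resolver would for this model."""
    if name.strip().endswith("."):       # rooted name: never expanded
        return [normalize(name)]
    name = normalize(name)
    if "." in name:                      # already qualified: query as-is
        return [name]
    return [f"{name}.{suffix}" for suffix in SEARCH_LIST]


def plan(name):
    """Ordered (query, resolver) pairs the client would try for `name`."""
    return [(q, resolver_for(q)) for q in candidates(name)]


if __name__ == "__main__":
    for host in ["exch01", "printer7", "exch01.home.company.suffix",
                 "nothome.company.suffix", "www.example.com."]:
        for query, resolver in plan(host):
            print(f"{host:28} -> {query:34} via {resolver}")
```

In this model a short home hostname is first sent to the customer site's DNS with the site suffix appended, and only the second attempt goes through the tunnel, so the site resolver's logs will contain home hostnames.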