Re: Server 2003 R2 to SBS 2003 (not R2) Site to Site VPN
Robert L. (MS-MVP) wrote:
> The problem is the siteB server is DC running VPN and DNS. Since this is
> the situation you face, you may have some options. 1) Install DNS on a
> different server in siteB. 2) re-configure DNS to register only one DNS
> on the windows 2003 DC. 3) Perhaps, install WINS on one of the servers
> on siteB. or this search result may help.
> Name resolution on VPN
> Can't ping VPN client by name Connection issues on DC, ISA, DNS and
> WINS server as VPN server DNS and Split Tunneling for VPN? How to assign
> DNS and WINS on ...
> www.chicagotech.net/nameresolutionpnvpn.htm
>
>
Thanks Robert, but I don't know if I agree that this is a DNS problem -
or at least only a DNS problem. In testing this, I have been pinging by
IP. So DNS shouldn't come into play (heavily) yet. It will certainly
be a concern, but I think I can work out the DNS issues later
The following is the IPCONFIG from SiteA (I've fone a find/replace) on
potentially sensitive information:
Windows IP Configuration
Host Name . . . . . . . . . . . . : SiteA
Primary Dns Suffix . . . . . . . : DOMAIN.LOCAL
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : DOMAIN.LOCAL
PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.165
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter Cable WAN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DGE-560T Gigabit
Physical Address. . . . . . . . . : 00-19-5B-C0-83-FE
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : public.ip.122
Subnet Mask . . . . . . . . . . . : 255.255.255.248
Default Gateway . . . . . . . . . : public.ip.121
DNS Servers . . . . . . . . . . . : 192.168.1.133
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter LAN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom
Physical Address. . . . . . . . . : 00-18-8B-FC-B4-B8
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.133
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.1.133
Primary WINS Server . . . . . . . : 192.168.1.133
I do not have the IPCONFIG off the SiteB server right now (I hope to be
able to get that sometime between now and tuesday, but from memory, it
was like this:
Windows IP Configuration
Host Name . . . . . . . . . . . . : SiteB
Primary Dns Suffix . . . . . . . : DOMAIN.LOCAL
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : DOMAIN.LOCAL
PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.162
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter Cable WAN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom1
Physical Address. . . . . . . . . : 00-18-8C-EB-B3-A7
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : public.ip.203
Subnet Mask . . . . . . . . . . . : 255.255.255.248
Default Gateway . . . . . . . . . : public.ip.201
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter LAN:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom2
Physical Address. . . . . . . . . : 00-18-8C-EB-B3-A6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.17.43.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 172.17.43.1
Primary WINS Server . . . . . . . : 192.168.1.133
When I ping by name on from SiteA to the server "SiteB" I get replies
from the PPP adapter's IP as follows:
C:\>ping SiteB
Pinging SiteB.DOMAIN.LOCAL [192.168.1.162] with 32 bytes of data:
Reply from 192.168.1.162: bytes=32 time=16ms TTL=128
Reply from 192.168.1.162: bytes=32 time=17ms TTL=128
Reply from 192.168.1.162: bytes=32 time=16ms TTL=128
Reply from 192.168.1.162: bytes=32 time=17ms TTL=128
But if I ping the 172 IP address instead:
C:\Program Files\Resource Kit>ping 172.17.43.1
Pinging 172.17.43.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
My routing table on SiteA is as such:
C:\Program Files\Resource Kit>route print
IPv4 Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10002 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
0x10003 ...00 19 5b c0 83 fe ...... DGE-560T Gigabit
0x10004 ...00 18 8b fc b4 b8 ...... Broadcom
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 PUBLIC.IPA.121 PUBLIC.IPA.122 20
UNKNOWN.PUB.IP 255.255.255.255 PUBLIC.IPA.121 PUBLIC.IPA.122 20
PUBLIC.IPB.203 255.255.255.255 PUBLIC.IPA.121 PUBLIC.IPA.122 20
PUBLIC.IPA.120 255.255.255.248 PUBLIC.IPA.122 PUBLIC.IPA.122 20
PUBLIC.IPA.122 255.255.255.255 127.0.0.1 127.0.0.1 20
X.255.255.255 255.255.255.255 PUBLIC.IPA.122 PUBLIC.IPA.122 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
172.17.43.0 255.255.255.0 192.168.1.162 192.168.1.133 1
192.168.1.0 255.255.255.0 192.168.1.133 192.168.1.133 10
192.168.1.133 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.1.153 255.255.255.255 192.168.1.165 192.168.1.165 1
192.168.1.157 255.255.255.255 192.168.1.165 192.168.1.165 1
192.168.1.162 255.255.255.255 192.168.1.165 192.168.1.165 1
192.168.1.165 255.255.255.255 127.0.0.1 127.0.0.1 0
192.168.1.255 255.255.255.255 192.168.1.133 192.168.1.133 0
224.0.0.0 240.0.0.0 PUBLIC.IPA.122 PUBLIC.IPA.122 0
224.0.0.0 240.0.0.0 192.168.1.133 192.168.1.133 0
255.255.255.255 255.255.255.255 PUBLIC.IPA.122 PUBLIC.IPA.122 1
255.255.255.255 255.255.255.255 192.168.1.133 192.168.1.133 1
Default Gateway: PUBLIC.IPA.121
===========================================================================
Persistent Routes:
None
Both Public IP's start with the same first octet, which is represented
by X one line above.
As you can see, I tried adding a route on SITEA using the command:
ROUTE ADD 172.17.43.0 MASK 255.255.255.0 192.168.1.162
but that didn't help (the route is still there). I didn't try creating
a route back from SiteB though... could that be a problem? I wouldn't
think so because as I said, SiteB can ping all systems in SiteA so it
apparently has a route back...