Resolving DNS from remote subnets

Archived from groups: microsoft.public.win2000.dns (More info?)

Scenario

Win2K Single Domain
Multiple Phisical sites connected via dedicated lines with Cisco Routers
2 DNS servers on main office's Subnet

Many people come to our remote offices with their laptops and they want to
be able to use the internet from the lobby. I created a separate subnet for
this individuals.

If I place a computer that belongs to the domain in that subnet everything
works fine.

If it is laptop from one of our clients no names are resolved to DNS thus no
internet access. However if they type the address on one or our web sites at
our corporate office where the DNS servers are then it takes them there.

Any thoughts
5 answers Last reply
More about resolving remote subnets
  1. Archived from groups: microsoft.public.win2000.dns (More info?)

    "AJ" <AJ@discussions.microsoft.com> wrote in message
    news:CA4F2014-1163-4062-8F88-5FBB55507549@microsoft.com...
    > Scenario
    >
    > Win2K Single Domain
    > Multiple Phisical sites connected via dedicated lines with Cisco Routers
    > 2 DNS servers on main office's Subnet
    >
    > Many people come to our remote offices with their laptops and they want to
    > be able to use the internet from the lobby. I created a separate subnet
    for
    > this individuals.
    >
    > If I place a computer that belongs to the domain in that subnet everything
    > works fine.
    >
    > If it is laptop from one of our clients no names are resolved to DNS thus
    no
    > internet access. However if they type the address on one or our web sites
    at
    > our corporate office where the DNS servers are then it takes them there.

    Then you DNS is not properly configured. How do they get their
    settins in that location? DHCP?

    All INTERNAL DNS servers for a Domain (or even a Forest) should
    usually return ALL needed answers.

    DNS works fine when routed.

    You really should have DNS in each AD Site -- placing it on the DCs
    themselves is generally correct and there is seldom a good reason for
    having a "site" without a DC.

    --
    Herb Martin, MCSE, MVP
    Accelerated MCSE
    http://www.LearnQuick.Com
    [phone number on web site]


    > Any thoughts
  2. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:CA4F2014-1163-4062-8F88-5FBB55507549@microsoft.com,
    AJ <AJ@discussions.microsoft.com> made this post, which I then commented
    about below:
    > Scenario
    >
    > Win2K Single Domain
    > Multiple Phisical sites connected via dedicated lines with Cisco
    > Routers 2 DNS servers on main office's Subnet
    >
    > Many people come to our remote offices with their laptops and they
    > want to be able to use the internet from the lobby. I created a
    > separate subnet for this individuals.
    >
    > If I place a computer that belongs to the domain in that subnet
    > everything works fine.
    >
    > If it is laptop from one of our clients no names are resolved to DNS
    > thus no internet access. However if they type the address on one or
    > our web sites at our corporate office where the DNS servers are then
    > it takes them there.
    >
    > Any thoughts

    IF names are not resolving, my first question is what DNS server address(es)
    is(are) provided the clients on that subnet thru DHCP?

    Does the router have a firewall rule not allowing any sort of traffic?

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services
    Infinite Diversities in Infinite Combinations.
    =================================
  3. Archived from groups: microsoft.public.win2000.dns (More info?)

    The router does not have any rules preventing it nor allowing it.
    The other computers (members of the domain) receive DNS from the DHCP and so
    the guest computers which show the DNS if I do an IP config. However when you
    try to resolve a name to IP it errors off.

    I just tested other subnets and as long as the PC is a member of the domain
    there is not problem otherwise it is.

    Thanks


    "Ace Fekay [MVP]" wrote:

    > In news:CA4F2014-1163-4062-8F88-5FBB55507549@microsoft.com,
    > AJ <AJ@discussions.microsoft.com> made this post, which I then commented
    > about below:
    > > Scenario
    > >
    > > Win2K Single Domain
    > > Multiple Phisical sites connected via dedicated lines with Cisco
    > > Routers 2 DNS servers on main office's Subnet
    > >
    > > Many people come to our remote offices with their laptops and they
    > > want to be able to use the internet from the lobby. I created a
    > > separate subnet for this individuals.
    > >
    > > If I place a computer that belongs to the domain in that subnet
    > > everything works fine.
    > >
    > > If it is laptop from one of our clients no names are resolved to DNS
    > > thus no internet access. However if they type the address on one or
    > > our web sites at our corporate office where the DNS servers are then
    > > it takes them there.
    > >
    > > Any thoughts
    >
    > IF names are not resolving, my first question is what DNS server address(es)
    > is(are) provided the clients on that subnet thru DHCP?
    >
    > Does the router have a firewall rule not allowing any sort of traffic?
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    > Infinite Diversities in Infinite Combinations.
    > =================================
    >
    >
    >
  4. Archived from groups: microsoft.public.win2000.dns (More info?)

    "AJ" <AJ@discussions.microsoft.com> wrote in message
    news:45755B0C-B4EF-4F60-8FC7-52BC7C984B17@microsoft.com...
    > The router does not have any rules preventing it nor allowing it.
    > The other computers (members of the domain) receive DNS from the DHCP and
    so
    > the guest computers which show the DNS if I do an IP config. However when
    you
    > try to resolve a name to IP it errors off.
    >
    >

    Post the addresses of your DNS servers along with the "IPConfig /all"
    of a sample WORKING and a NON-WORKING machine.

    Post the text and please don't retype it or use a graphic.

    > I just tested other subnets and as long as the PC is a member of the
    domain
    > there is not problem otherwise it is.

    Membership in the domain does NOT affect DNS resolution for that machine;
    it might affect registration or resolution of the machine by OTHER machines.

    On the other hand, failure of DNS will affect Domain access.

    You might also post the Tracert from problem machine to prove you can
    route (tracert to the IP address of the DNS server the IPconfig says they
    will
    use.)


    --
    Herb Martin, MCSE, MVP
    Accelerated MCSE
    http://www.LearnQuick.Com
    [phone number on web site]

    > Thanks
    >
    >
    > "Ace Fekay [MVP]" wrote:
    >
    > > In news:CA4F2014-1163-4062-8F88-5FBB55507549@microsoft.com,
    > > AJ <AJ@discussions.microsoft.com> made this post, which I then commented
    > > about below:
    > > > Scenario
    > > >
    > > > Win2K Single Domain
    > > > Multiple Phisical sites connected via dedicated lines with Cisco
    > > > Routers 2 DNS servers on main office's Subnet
    > > >
    > > > Many people come to our remote offices with their laptops and they
    > > > want to be able to use the internet from the lobby. I created a
    > > > separate subnet for this individuals.
    > > >
    > > > If I place a computer that belongs to the domain in that subnet
    > > > everything works fine.
    > > >
    > > > If it is laptop from one of our clients no names are resolved to DNS
    > > > thus no internet access. However if they type the address on one or
    > > > our web sites at our corporate office where the DNS servers are then
    > > > it takes them there.
    > > >
    > > > Any thoughts
    > >
    > > IF names are not resolving, my first question is what DNS server
    address(es)
    > > is(are) provided the clients on that subnet thru DHCP?
    > >
    > > Does the router have a firewall rule not allowing any sort of traffic?
    > >
    > > --
    > > Regards,
    > > Ace
    > >
    > > Please direct all replies ONLY to the Microsoft public newsgroups
    > > so all can benefit.
    > >
    > > This posting is provided "AS-IS" with no warranties or guarantees
    > > and confers no rights.
    > >
    > > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > > Microsoft Windows MVP - Windows Server - Directory Services
    > > Infinite Diversities in Infinite Combinations.
    > > =================================
    > >
    > >
    > >
  5. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:45755B0C-B4EF-4F60-8FC7-52BC7C984B17@microsoft.com,
    AJ <AJ@discussions.microsoft.com> made this post, which I then commented
    about below:
    > The router does not have any rules preventing it nor allowing it.
    > The other computers (members of the domain) receive DNS from the DHCP
    > and so the guest computers which show the DNS if I do an IP config.
    > However when you try to resolve a name to IP it errors off.
    >
    > I just tested other subnets and as long as the PC is a member of the
    > domain there is not problem otherwise it is.
    >
    > Thanks

    In addition to Herb's suggestions, if you have a Cisco router or PIX
    firewall, it may need to be updated to support EDNS0, which *may* or may not
    be the problem, but I'm not sure unless I see the info Herb asked.

    828263 - DNS query responses do not travel through a firewall in Windows
    Server 2003:
    http://support.microsoft.com/?id=828263

    828731 - An External DNS Query May Cause an Error Message in Windows Server
    2003:
    http://support.microsoft.com/?id=828731

    Ace
Ask a new question

Read More

Laptops DNS Windows