Sign in with
Sign up | Sign in
Your question

Resolving DNS from remote subnets

Last response: in Windows 2000/NT
Share
August 8, 2005 1:01:06 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Scenario

Win2K Single Domain
Multiple Phisical sites connected via dedicated lines with Cisco Routers
2 DNS servers on main office's Subnet

Many people come to our remote offices with their laptops and they want to
be able to use the internet from the lobby. I created a separate subnet for
this individuals.

If I place a computer that belongs to the domain in that subnet everything
works fine.

If it is laptop from one of our clients no names are resolved to DNS thus no
internet access. However if they type the address on one or our web sites at
our corporate office where the DNS servers are then it takes them there.

Any thoughts
Anonymous
a b D Laptop
August 8, 2005 4:17:56 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

"AJ" <AJ@discussions.microsoft.com> wrote in message
news:CA4F2014-1163-4062-8F88-5FBB55507549@microsoft.com...
> Scenario
>
> Win2K Single Domain
> Multiple Phisical sites connected via dedicated lines with Cisco Routers
> 2 DNS servers on main office's Subnet
>
> Many people come to our remote offices with their laptops and they want to
> be able to use the internet from the lobby. I created a separate subnet
for
> this individuals.
>
> If I place a computer that belongs to the domain in that subnet everything
> works fine.
>
> If it is laptop from one of our clients no names are resolved to DNS thus
no
> internet access. However if they type the address on one or our web sites
at
> our corporate office where the DNS servers are then it takes them there.

Then you DNS is not properly configured. How do they get their
settins in that location? DHCP?

All INTERNAL DNS servers for a Domain (or even a Forest) should
usually return ALL needed answers.

DNS works fine when routed.

You really should have DNS in each AD Site -- placing it on the DCs
themselves is generally correct and there is seldom a good reason for
having a "site" without a DC.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]


> Any thoughts
Anonymous
a b D Laptop
August 8, 2005 5:22:09 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:CA4F2014-1163-4062-8F88-5FBB55507549@microsoft.com,
AJ <AJ@discussions.microsoft.com> made this post, which I then commented
about below:
> Scenario
>
> Win2K Single Domain
> Multiple Phisical sites connected via dedicated lines with Cisco
> Routers 2 DNS servers on main office's Subnet
>
> Many people come to our remote offices with their laptops and they
> want to be able to use the internet from the lobby. I created a
> separate subnet for this individuals.
>
> If I place a computer that belongs to the domain in that subnet
> everything works fine.
>
> If it is laptop from one of our clients no names are resolved to DNS
> thus no internet access. However if they type the address on one or
> our web sites at our corporate office where the DNS servers are then
> it takes them there.
>
> Any thoughts

IF names are not resolving, my first question is what DNS server address(es)
is(are) provided the clients on that subnet thru DHCP?

Does the router have a firewall rule not allowing any sort of traffic?

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Infinite Diversities in Infinite Combinations.
=================================
Related resources
August 8, 2005 5:22:10 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

The router does not have any rules preventing it nor allowing it.
The other computers (members of the domain) receive DNS from the DHCP and so
the guest computers which show the DNS if I do an IP config. However when you
try to resolve a name to IP it errors off.

I just tested other subnets and as long as the PC is a member of the domain
there is not problem otherwise it is.

Thanks


"Ace Fekay [MVP]" wrote:

> In news:CA4F2014-1163-4062-8F88-5FBB55507549@microsoft.com,
> AJ <AJ@discussions.microsoft.com> made this post, which I then commented
> about below:
> > Scenario
> >
> > Win2K Single Domain
> > Multiple Phisical sites connected via dedicated lines with Cisco
> > Routers 2 DNS servers on main office's Subnet
> >
> > Many people come to our remote offices with their laptops and they
> > want to be able to use the internet from the lobby. I created a
> > separate subnet for this individuals.
> >
> > If I place a computer that belongs to the domain in that subnet
> > everything works fine.
> >
> > If it is laptop from one of our clients no names are resolved to DNS
> > thus no internet access. However if they type the address on one or
> > our web sites at our corporate office where the DNS servers are then
> > it takes them there.
> >
> > Any thoughts
>
> IF names are not resolving, my first question is what DNS server address(es)
> is(are) provided the clients on that subnet thru DHCP?
>
> Does the router have a firewall rule not allowing any sort of traffic?
>
> --
> Regards,
> Ace
>
> Please direct all replies ONLY to the Microsoft public newsgroups
> so all can benefit.
>
> This posting is provided "AS-IS" with no warranties or guarantees
> and confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft Windows MVP - Windows Server - Directory Services
> Infinite Diversities in Infinite Combinations.
> =================================
>
>
>
Anonymous
a b D Laptop
August 9, 2005 12:48:15 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

"AJ" <AJ@discussions.microsoft.com> wrote in message
news:45755B0C-B4EF-4F60-8FC7-52BC7C984B17@microsoft.com...
> The router does not have any rules preventing it nor allowing it.
> The other computers (members of the domain) receive DNS from the DHCP and
so
> the guest computers which show the DNS if I do an IP config. However when
you
> try to resolve a name to IP it errors off.
>
>

Post the addresses of your DNS servers along with the "IPConfig /all"
of a sample WORKING and a NON-WORKING machine.

Post the text and please don't retype it or use a graphic.

> I just tested other subnets and as long as the PC is a member of the
domain
> there is not problem otherwise it is.

Membership in the domain does NOT affect DNS resolution for that machine;
it might affect registration or resolution of the machine by OTHER machines.

On the other hand, failure of DNS will affect Domain access.

You might also post the Tracert from problem machine to prove you can
route (tracert to the IP address of the DNS server the IPconfig says they
will
use.)


--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

> Thanks
>
>
> "Ace Fekay [MVP]" wrote:
>
> > In news:CA4F2014-1163-4062-8F88-5FBB55507549@microsoft.com,
> > AJ <AJ@discussions.microsoft.com> made this post, which I then commented
> > about below:
> > > Scenario
> > >
> > > Win2K Single Domain
> > > Multiple Phisical sites connected via dedicated lines with Cisco
> > > Routers 2 DNS servers on main office's Subnet
> > >
> > > Many people come to our remote offices with their laptops and they
> > > want to be able to use the internet from the lobby. I created a
> > > separate subnet for this individuals.
> > >
> > > If I place a computer that belongs to the domain in that subnet
> > > everything works fine.
> > >
> > > If it is laptop from one of our clients no names are resolved to DNS
> > > thus no internet access. However if they type the address on one or
> > > our web sites at our corporate office where the DNS servers are then
> > > it takes them there.
> > >
> > > Any thoughts
> >
> > IF names are not resolving, my first question is what DNS server
address(es)
> > is(are) provided the clients on that subnet thru DHCP?
> >
> > Does the router have a firewall rule not allowing any sort of traffic?
> >
> > --
> > Regards,
> > Ace
> >
> > Please direct all replies ONLY to the Microsoft public newsgroups
> > so all can benefit.
> >
> > This posting is provided "AS-IS" with no warranties or guarantees
> > and confers no rights.
> >
> > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> > Microsoft Windows MVP - Windows Server - Directory Services
> > Infinite Diversities in Infinite Combinations.
> > =================================
> >
> >
> >
Anonymous
a b D Laptop
August 9, 2005 5:25:26 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:45755B0C-B4EF-4F60-8FC7-52BC7C984B17@microsoft.com,
AJ <AJ@discussions.microsoft.com> made this post, which I then commented
about below:
> The router does not have any rules preventing it nor allowing it.
> The other computers (members of the domain) receive DNS from the DHCP
> and so the guest computers which show the DNS if I do an IP config.
> However when you try to resolve a name to IP it errors off.
>
> I just tested other subnets and as long as the PC is a member of the
> domain there is not problem otherwise it is.
>
> Thanks

In addition to Herb's suggestions, if you have a Cisco router or PIX
firewall, it may need to be updated to support EDNS0, which *may* or may not
be the problem, but I'm not sure unless I see the info Herb asked.

828263 - DNS query responses do not travel through a firewall in Windows
Server 2003:
http://support.microsoft.com/?id=828263

828731 - An External DNS Query May Cause an Error Message in Windows Server
2003:
http://support.microsoft.com/?id=828731

Ace
!