Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1497
Views
0
Helpful
3
Replies

register dns

Diego Maciel Gomes
Level 1
Level 1

‎07-25-2012 12:35 PM

Hi,

I need to know if is possible to register a machine into DNS through VPN..

I have a machine with the name note_10.

This machine receives an IP from DHCP server and register its on my DNS server, when I'm in my local network... Everything works fine...

When I connect in my VPN Client, I receive IP from my VPN POOL. This pool is different from my local network... Everything works fine...

I would like my machine could register its new IP of VPN POOL to my DNS server...

For example, when I ping note_10 its response with IP from VPN POOL

Is it possible?

I tried "ipconfig /registerdns" but nothing happened...

My VPN profile receives a full of allowed ports and hosts...

Any idea?

Thanks again

Diego

1 person had this problem
Labels:
0 Helpful
3 Replies 3

Javier Portuguez
Level 9
Level 9

‎07-25-2012 01:07 PM

Hi Diego,

There are 2 ways to have DDNS with VPN clients:

a. When a machine gets an IP from the ASA then it sends a registration request to the DNS server to add its hostname into DNS lsit with that IP address. The problem is that when the VPN connection is terminated, the client can't tell the DNS server that it no longer owns that IP.

b. Have the DHCP / DNS server perform the mapping and add it to DNS. When the DHCP server gets the Request from the client it adds the client's hostname and the IP that it returns in the offer into the DNS table. With this method, if the client disconnects from the VPN, the ASA should send a DHCPRELEASE message on behalf of the VPN client, to free up the address and the server should also remove the proper DNS entry as well.

Let me know.

Thanks.

Please rate this post if you find it helpful.

0 Helpful

Diego Maciel Gomes
Level 1
Level 1
In response to Javier Portuguez

‎07-25-2012 01:27 PM

Hi Javier,

I guess option "a" is good...Lets see if I understood:

When I connect VPN, I receive the IP from VPN POOL normally..

ASA sends my hostname and my IP to DNS server... If I already have an input, its will be updated, right??

If I dont have, new input will be created...

It is what I really wish

When I disconnect from VPN, OK.. ASA doesnt need to do nothing...

When I connect again into my local network, I will update the input into DNS...

So, how can I configure this option "a" ?

0 Helpful

Javier Portuguez
Level 9
Level 9
In response to Diego Maciel Gomes

‎07-25-2012 02:08 PM

To constantly update the DNS record, the best way is to have the VPN clients get the IP address from the domain-controler.

Thanks.

0 Helpful
Customers Also Viewed These Support Documents