09-02-2011 08:02 AM
We have a problem with clients (winXP) connecting with the ssl-vpn and registering the vpn supplied ip into dns. When they login onsite, their host a record does NOT get updated. It stays at the ip given to to the ssl-vpn. Our internal dhcp server registers all dns records using a service account. This account doesn't have authority to modify the host a record created by the client. Can we use our dhcp server to issue ip addresses, instead of the dhcp in the PAN? If not, what are our options? We configured the dns/dhcp this way a couple years ago to fix issues with stale records and it has worked flawlessly until now. The PAN replaced checkpoint firewall / vpn that did allow our dhcp server to dish out IPs.
09-18-2011 12:05 AM
We don't support using other DHCP server for our SSLVPN.
What do you mean by login onsite? does it mean that your user will login VPN onsite?
09-19-2011 04:28 AM
When the user comes back onto campus and logs in to the network, not using the vpn, his laptop gets a new ip from our dhcp server. The problem is the dns HOST A record that the client registered while using the vpn doesn't get updated because our dhcp server doesn't own that record.
09-19-2011 09:58 AM
True, your DNS server will not be updated because our DHCP is not integrated within your environment. You could manually enter a value for a generic ssl/vpn connection or in the case of AD you can force a connection to the DC in order to resolve the login name to DNS.
09-20-2011 11:19 AM
Can you please add more detail to this? Not sure what it is you mean: "You could manually enter a value for a generic ssl/vpn connection or in the case of AD you can force a connection to the DC in order to resolve the login name to DNS" Please elaborate.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!