NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] SecureRemote and WINS



Title: RE: [FW1] SecureRemote and WINS

No I did not restart the management module, but I am quite sure you don't need to.  During my testing I broke my dnsinfo.C which in turn broke my SecureRemote's ability to resolve internal machines.  I simply put the working dnsinfo.C in place, re-loaded my current policy, did an update on the SecureRemote client and presto! my client can resolve internal machines via DNS again.  Now if I can just get WINS working the same way.  I am convinced there are misplaced ()s in my dnsinfo.C.

I do appreciate the follow-ups.

-----Original Message-----
From: Adams, Gavin [mailto:[email protected]]
Sent: Friday, December 08, 2000 9:55 AM
To: Scott Hunter; [email protected]
Cc: CryptoTech
Subject: RE: [FW1] SecureRemote and WINS


Hi Scott,
 
Hmm, your dnsinfo.C looks almost like mine (excluding the lmhosts
stuff). Stupid question, but did you stop/start your management module?
This is the only way that I know to have the new dnsinfo.C contents sent
to the SR clients. May you also tried deleting and reading the site in
SR?
 
--- Gavin
 
-----Original Message-----
From: Scott Hunter [mailto:[email protected]]
Sent: Friday, December 08, 2000 10:04
To: '[email protected]'
Cc: 'CryptoTech'
Subject: Re: [FW1] SecureRemote and WINS
 
Since that post, I found the split DNS document and implemented that and
DNS resolution is working.  I am not crazy about the idea that I have to
manually distribute a userc.C to all my SecureRemote clients, btw.  I
also stumbled upon some info on how to push LMdata info and I tried it
but it is not working.  I may have some syntax problems in my dninfo.C.
Here is what it looks like now:
----------------SNIP----------------------
(
 :dns_servers (
  : (kirk.scotty
  :obj (
  : (10.0.10.11)
)
:topology (
 : (
  :ipaddr (10.0.10.0)
  :ipmask (255.255.255.0)
 )
)
:domain (
 : (
  :dns_label_count (12)
  :domain (.trek.com)
   )
  )
 )
)
:encrypt_dns (true)
)
(
:LMdata (
: (
:ipaddr (10.0.10.11)
:name (KIRK)
:domain (TREK)
)
: (
:ipaddr (10.0.10.193)
:name (SPOCK)
)
)
)
----------------SNIP----------------------
Where kirk is my PDC,DNS and WINS server, scotty is my FW1 and spock is
a BDC.  Trek is the NT domain and trek.com is Internet domain name.
These names have been changed to protect the innocent.
Thanks for responding!
-----Original Message-----
From: CryptoTech [ mailto:[email protected] <mailto:[email protected]> ]

Sent: Thursday, December 07, 2000 7:10 PM
To: Scott Hunter
Cc: '[email protected]'
Subject: Re: [FW1] SecureRemote and WINS
 
Scott,
In my setup, after I pushed DNS config and WINS resolver info to the
client, he was able to browse based on the contents of the wins server.
Are you saying that this is not working for you?
CryptoTech
Scott Hunter wrote:
 
I have scoured this mailing list archive but I still can't find any info
on how to resolve internal Windows machine names when using
SecureRemote.  I wish I could just add an WINS server entry that would
get sent out as part of userc.c so that the remote machine would attempt
a lookup on an internal WINS server.  I tried manually entering the WINS
server in the IP settings for the dialup connection, but then it doesn't
get DNS server entries and nothing resolves.  I know you can populate
the LMHOSTS file with PDC and BDC info, but does anyone know if you can
populate it with master browser or WINS entries?  Even with PPTP you get
a DHCP address with all of the internal networking info and everything
resolves.  Any thoughts?  Am I going to have to have my ISP add all the
IP address for all the servers?  That's bad for two reasons.  One, many
people want to access machines that get their addresses via DHCP and
two, it doesn't scale.  There must be an automated way of doing this.
Something you can roll out with the SecureRemote client.  If I could
send everyone an LMHOSTS file that would point everyone to the WINS
server that would be good enough, but I don't want to roll out an
LMHOSTS file every day.



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.