Since that post, I found the split DNS document and implemented
that and DNS resolution is working. I am not crazy about the idea
that I have to manually distribute a userc.C to all my SecureRemote clients,
btw. I also stumbled upon some info on how to push LMdata info and
I tried it but it is not working. I may have some syntax problems
in my dninfo.C. Here is what it looks like now:
----------------SNIP----------------------
(
:dns_servers (
: (kirk.scotty
:obj (
: (10.0.10.11)
)
:topology (
: (
:ipaddr (10.0.10.0)
:ipmask (255.255.255.0)
)
)
:domain (
: (
:dns_label_count (12)
:domain (.trek.com)
)
)
)
)
:encrypt_dns (true)
)
(
:LMdata (
: (
:ipaddr (10.0.10.11)
:name (KIRK)
:domain (TREK)
)
: (
:ipaddr (10.0.10.193)
:name (SPOCK)
)
)
)
----------------SNIP----------------------
Where kirk is my PDC,DNS and WINS server, scotty is my
FW1 and spock is a BDC. Trek is the NT domain and trek.com is Internet
domain name. These names have been changed to protect the innocent.
Thanks for responding!
-----Original Message-----
From: CryptoTech [mailto:[email protected]]
Sent: Thursday, December 07, 2000 7:10 PM
To: Scott Hunter
Cc: '[email protected]'
Subject: Re: [FW1] SecureRemote and WINS
Scott,
In my setup, after I pushed DNS config and WINS resolver
info to the client, he was able to browse based on the contents of the
wins server. Are you saying that this is not working for you?
CryptoTech
Scott Hunter wrote:
I have scoured this mailing list archive but I still can't
find any info on how to resolve internal Windows machine names when using
SecureRemote. I wish I could just add an WINS server entry that would
get sent out as part of userc.c so that the remote machine would attempt
a lookup on an internal WINS server. I tried manually entering the
WINS server in the IP settings for the dialup connection, but then it doesn't
get DNS server entries and nothing resolves. I know you can populate
the LMHOSTS file with PDC and BDC info, but does anyone know if you can
populate it with master browser or WINS entries? Even with PPTP you
get a DHCP address with all of the internal networking info and everything
resolves. Any thoughts? Am I going to have to have my ISP add
all the IP address for all the servers? That's bad for two reasons.
One, many people want to access machines that get their addresses via DHCP
and two, it doesn't scale. There must be an automated way of doing
this. Something you can roll out with the SecureRemote client.
If I could send everyone an LMHOSTS file that would point everyone to the
WINS server that would be good enough, but I don't want to roll out an
LMHOSTS file every day.