DNS Resolution of VPN Clients

Robert Pangrazio 1 Reputation point
2022-01-03T15:52:11.537+00:00

I have an Azure VPN setup and several computers that can connect to it. I have verified that the clients can ping the cloud VMs by hostname and IP, but the cloud VMs can only ping via IP. I can't use the IP addresses as the address is not statically assigned and can change depending on which client connects when.

Is there a way to set up a DNS system that is updated when the client computer connects?


3 answers

  1. SaiKishor-MSFT 17,186 Reputation points
    2022-01-06T07:45:47.697+00:00

    @Robert Pangrazio Thank you for contacting Microsoft Q&A. I understand that you want your cloud VMs to be able to ping the VPN clients using a DNS name since the IP address for the client VPN keeps changing every time it connects.

    While there is no way to set up static IPs for P2S VPN clients at the moment, if your organization uses an Active Directory Integrated DNS zone for name resolution then you can use this to host DNS records for your on-premises datacenter and Azure. In this scenario, there are two sets of AD DS DNS servers: one on-premises and one in the hub VNet. We recommend extending your AD DS domain to Azure. You can give this a try and see if this works for your scenario. Hope this helps.

    Please do let us know if you have any further questions/concerns and we will be glad to assist further. Thank you!


  2. Robert Pangrazio 1 Reputation point
    2022-01-06T14:56:05.137+00:00

    The problem with your solution is I don't have an on-prem DNS server. Each on-prem device will have its own VPN connection and may move physical locations. Do I need to set up a DNS server on a VM in Azure, or is there some mechanism that will allow my VPN clients to register a DNS entry for themselves?


  3. Sebastian 1 Reputation point
    2022-09-21T08:54:17.227+00:00

    @SaiKishor-MSFT Thanks for your explanation. We already have AlwaysOnVPN in place. Our clients are connecting to an Azure Gateway and make dynamic DNS updates in our Active Directory Integrated DNS. This works perfectly fine for both VPN and on-premises network connected devices. Unfortunately, we are currently facing an issue with VPN-connected devices where the Azure Gateway assigns duplicate IP addresses. Only for the VPN address range we have multiple (3 or more) hostnames for the same IP address!

    How can this be resolved?
