Share via

VPN DNS update/registration failure when on site IP provided by DHCP server

James Edmonds 811 Reputation points
2022-09-29T11:14:56.76+00:00

We have our domain controllers acting as on prem DHCP servers, and set to register DNS entries as part of the DHCP process.

I have found today that, for at least some of our remote VPN users, their DNS entries are not updated to their VPN IP, if they had previously been assigned a DHCP address whilst on site.
Even though their DHCP lease is 6 hours, the DNS entry for that lease stuck around.
Even though the security on the DNS entry says SELF is allowed to update, it fails to do so when they connect via the VPN, even though register in DNS is ticked on the VPN connection settings.

I manually deleted the DNS entry for the on prem IP, and a replacement with the VPN IP immediately appeared.

Can anyone suggest why the VPN DNS registration is failing in this scenario?

Cheers
James

Windows 10 Network
Windows 10 Network
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Network: A group of devices that communicate either wirelessly or via a physical connection.
2,316 questions
0 comments

5 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. JimmySalian-2011 42,071 Reputation points
    2022-09-29T11:28:12.45+00:00

    Hi James,

    Not sure which VPN you are using but it seems for Windows 10 there was a fix released and registry key is available for VPN clients, check this Richard Hicks article for setting up always-on-vpn-dns-registration-update-available

    Hope this helps.

    ==
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

  2. Limitless Technology 44,121 Reputation points
    2022-09-30T08:43:10.227+00:00

    Hello there,

    By default, Windows computers that are statically configured for TCP/IP try to dynamically register host address (A) and pointer (PTR) resource records for IP addresses that are configured and used by their installed network connections.

    Make sure your VPN server's DHCP assigns your AD DNS server to the client (and not some other DNS server address like its own acting like a relay)
    Make sure your router(s) and/or firewall(s) allow for this type of DNS traffic between the VPN client subnet and the AD DNS server.

    You can get some insights about this from here https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/configure-dns-dynamic-updates-windows-server-2003

    ---------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer–

  3. James Edmonds 811 Reputation points
    2022-10-06T11:17:59.653+00:00

    Any other thoughts on what this issue might be please?

    Many thanks
    James

    0 comments
  4. James Edmonds 811 Reputation points
    2022-10-20T11:22:00.357+00:00

    Anyone have any suggestions on what to check please, as it makes remote management over the VPN difficult for things like remote powershell etc.

    Many thanks
    James

    0 comments
  5. James Edmonds 811 Reputation points
    2022-10-27T11:40:17.783+00:00

    Any other suggestions please?

    Cheers
    James