How do I automatically assign DNS and WINS servers to incoming VPN Clients on WS2k3?

Question

Hello Everyone:

I have a pretty bizarre setup in my lab that would (more likely than not) never exist in the real world.

• A backend network (using 10.x.x.x IP addresses) that represents "the internet" the only thing that has IP on this network are "site routers", email servers, etc. No client devices are here except one (which will become important later).
• The backend network is populated by Windows Server 2003 boxes running RRAS, IAS, DNS, and DHCP (these represent individual sites within an organization, a home, etc.). Each router has one IP address on "WAN" to represent the internet and hands out a limited number of 192.168.x.x IP addresses on the LAN side.
• On one site I have the "site router" setup as a VPN server and I have an XP box connected directly to the 10.x.x.x network just for the sake of it. I have the DHCP set to hand out 2 distinct ranges if you're on the LAN (192.168.27.2-192.168.27.155 and 192.168.90.50-192.168.90.150). In the VPN configuration I have it set to hand out IP addresses as 192.168.90.51...192.168.90.251.
• The VPN IP range is not registered in DHCP but rather set up at the RRAS Server in the IP tab.

The VPN client connects and gets one of the IP addresses out of the above range but does not automatically get DNS, and WINS which manually needs to be configured.

my question then becomes: Given the odd setup, how can I keep the IP ranges for VPN clients out of DHCP clients' hands while still assigning the DNS and WINS servers automatically to VPN clients who connect?

Thanks for any help in advance of answering this one.

***moved from Windows / Other/Unknown / Network and internet***

Answer 1

Automatically Assign DNS and WINS Servers to Incoming VPN Clients on Windows Server 2003

Overview

To automatically assign DNS and WINS servers to VPN clients on a Windows Server 2003 setup without registering the VPN IP range in DHCP, follow these steps:

1. Configure RRAS for VPN:

• Open *Routing and Remote Access* console.
• Right-click on the server, and select *Properties*.
• Go to the *IP* tab.
• Ensure *Enable IP routing*is checked.

2. Configure DNS and WINS Servers:

• Still on the *IP*tab, click *IP address assignment*.
• Select *Static address pool* and configure the pool for VPN clients (e.g., 192.168.90.51 to 192.168.90.251).
• Click *OK*.

---

3. Assign DNS and WINS Servers:

• On the *IP* tab, select *Adapter* from which DNS and WINS information will be derived (usually the adapter connected to the internal network).
• Click *OK* to save settings.

Steps Detailed

---

1. Open RRAS:
   • Open *Routing and Remote Access* from *Administrative Tools*.
   • Right-click your server, select *Configure and Enable Routing and Remote Access*.
   • Follow the wizard to configure as a VPN server.
2. Set Up Static Address Pool:
   • Under *IPv4*, choose *Static address pool*.
   • Add your address range (e.g., 192.168.90.51 to 192.168.90.251).
3. Configure DNS and WINS:
   • On the *General*tab, specify the DNS and WINS servers manually.
   • These settings will be pushed to the clients upon connection.

Additional Considerations

• Ensure that your DNS and WINS settings on the RRAS are correctly pointing to your internal servers.
• Verify firewall settings to ensure they do not block necessary VPN traffic.
• Consider using DHCP relay if you need to dynamically assign IP configurations from a DHCP server.

Following these steps should allow VPN clients to receive DNS and WINS server information automatically without conflicting with DHCP client IP ranges. If you need further assistance, please let us know.

Best regards,

Rosy