cancel
Showing results for 
Search instead for 
Did you mean: 

DNS Suffix for Network Connect

SOLVED
Darktan_
Contributor

DNS Suffix for Network Connect

Hello all.

I'm having some issues and our VPN and our 3rd party vendor is less than helpful so I thought I'd go for the source. Hopefully this is an easy issue and I apologizeif this drifts out of the range of Juniper support.

We have an SA-2500 device that is doing our VPN. We're connecting through Network Connect but we have a minor routing issue. We need to adjust the DNS Suffixes on the Juniper connection when you connect. The problem is I can't seem to find where I change that setting. Our device is not doing DHCP. It is funneled back to another server in our network for that. Now when you connect to the VPN, the DNS suffixes change for all adapters, but not to what we need. So something gets pushed, but I need to correct it to the right addresses.

I just need to know if I should be talking to our telco (who owns the DHCP) or looking at the VPN components to change the setting.

Thanks

Peace

--Todd

1 ACCEPTED SOLUTION

Accepted Solutions
drf_
Contributor

Re: DNS Suffix for Network Connect

Darktan,

Do you mean change the "DNS Suffix Search List" when you connect with Network Connect? This can be done by modifying the Network Connect Connection Profile and changing the DNS Domain(s) under the DNS settings. This only applies if you chose to use Manual DNS Settings instead of IVE DNS Settings. The IVE DNS Settings will use whatever is configured under System > Network > Overview. You can change the DNS Domains there as well.

Message Edited by drf on 08-11-2009 05:30 PM

View solution in original post

6 REPLIES 6
mmesojedec_
Occasional Contributor

Re: DNS Suffix for Network Connect

Hi Darktan,


You cannot set the DNS suffix on the Juniper Virtual adapter in the SA settings.

I think that this may be supported in the SA software version 7.0 (release Q1 2010).

For now you can modify the registry settings for specific NC adapter (domain settings).


You can also log in via NC and then modify the settings (Control Panel -> Network Connections -> Network Connect Adapter -> Right click -> Properties -> Internet Protocol (TCP/IP) -> Properties -> Advanced -> DNS tab).


Then put your DNS suffix in the DNS suffix for this connection field (like: sslvpn.local).

Just save and that is all. But this dns suffix is for all your NC. If you log to different web portal via NC your DNS suffix stay the same all the time.

cheers,

mmesojedec

Message Edited by mmesojedec on 08-11-2009 11:01 PM
Message Edited by mmesojedec on 08-11-2009 11:02 PM
Message Edited by mmesojedec on 08-11-2009 11:03 PM
drf_
Contributor

Re: DNS Suffix for Network Connect

Darktan,

Do you mean change the "DNS Suffix Search List" when you connect with Network Connect? This can be done by modifying the Network Connect Connection Profile and changing the DNS Domain(s) under the DNS settings. This only applies if you chose to use Manual DNS Settings instead of IVE DNS Settings. The IVE DNS Settings will use whatever is configured under System > Network > Overview. You can change the DNS Domains there as well.

Message Edited by drf on 08-11-2009 05:30 PM

View solution in original post

Darktan_
Contributor

Re: DNS Suffix for Network Connect

I apologize for some mis-information. Our device is doing the DHCP. Ugh. I hate when I have to confirm information given to me.

So drf... I think that is what I'm altering. Screenshot of DNS entries

I now know where you're talking about and I believe this may be what I'm looking for. Right now there is only one entry there, a 192.xxx.xxx.xxx number. When I connect my DNS suffixes show 192.xxx.xxx.xxx (same number) and na.$company.com. I need to add the other ones. Would it be a simple thing of just adding them to the dialog box? 192.xxx.xxx.xxx, na.$company.com, eu.$company.com, br$.company.com etc? Screen shot attached. SA DNS Entries

I just want to be sure as our test group can get nasty when things are disrupted.

And thank you both for the help.

mmesojedec_
Occasional Contributor

Re: DNS Suffix for Network Connect

Just put your domain name in the "DNS suffix for this connection" field then just click OK (do this in the Juniper Virtual Adapter).

This should put DNS suffix for your NC in the Juniper Virtual Adapter.

cheers,

mmesojedec

Message Edited by mmesojedec on 08-12-2009 02:41 PM
drf_
Contributor

Re: DNS Suffix for Network Connect

Yes just add additional domains separated by a comma. You should remove 192.168.84.180. That is not a DNS domain.

sample.com, na.sample.com, eu.sample.com, .........

Darktan_
Contributor

Re: DNS Suffix for Network Connect

Thank you both for the help. That did it. I wish our vendor could've answered so quickly.

Kudos to both of you!

Peace