My company will soon require DNS registrations to come from DHCP, effectively denying clients the permission to register themselves via DDNS. But Juniper VPN does not appear to allow this configuration for its VPN clients. IÕm hoping someone here can help us out. In the context of Juniper VPN, there are 3 approaches we know of and all 3 have their issues:
1. Option #1. Ideally we would like Juniper (acting as the DHCP server to its VPN clients) to register clients' DNS records on their behalf. However there is an odd behavior where Juniper, instead of registering a clients hostname, puts a long cryptic character string into DNS. This obviously prevents any correct name resolution to the actual client.
2. Option #2 is to try to set Juniper to let Microsoft DHCP register clientsÕ DNS records but this apparently requires enabling split-tunneling which is unacceptable from a security perspective.
3. Option #3 is to allow VPN clients only as an exception but this introduces an inconsistency in our intended architecture.
So my questions are:
Can Juniper do #1 and actually pass the client's host name as we would expect?
Can Juniper do #2 without requiring split-tunneling?
We've had the same problem. I opened a JTAC case about this. But unfortunately, the reply I received is that the NC client has no way to pass the machines name in the DHCP. I've also tried to set up our DHCP server to send a custom Option 12, but that doesn't resolve the problem.
If anyone knows of a way to do this, let us know.
do you have already solve this issue or know somebody a workarround for it? We need also this option for DNS reverse resolution Hostname to IP Adress of NC client for our aplication.