cancel
Showing results for 
Search instead for 
Did you mean: 

Prevent DNS registration on Juniper adapter

SF_Dan_
Frequent Contributor

Prevent DNS registration on Juniper adapter

Is there any way to prevent the Juniper network adapter from updating the PC's DNS record? When I have clients split tunnel into other internal networks it updates DNS which then prevents me from using remote management tools like SCCM and computer management.

 

Thanks,

 

Dan

7 REPLIES 7
zanyterp_
Respected Contributor

Re: Prevent DNS registration on Juniper adapter

Unfortunately, no; the DDNS behavior is controlled by the PC and it triggers the change.
If this is all internal, you can _try_ seeing if you can find ports to block that to your DCs but not kill all DNS ability. Can you disable the option on the client or DHCP/DNS server?
SF_Dan_
Frequent Contributor

Re: Prevent DNS registration on Juniper adapter

Thanks for the quick response. I will check the DNS server to see if there is any way I can accomplish what I need there.

 

Thanks,

 

Dan

zanyterp_
Respected Contributor

Re: Prevent DNS registration on Juniper adapter

You are welcome; I'm not sure if it can be done, but those are what I can think of to prevent it.
spuluka
Super Contributor

Re: Prevent DNS registration on Juniper adapter

Actually, there is a standard windows setting to prevent a network adapter from registering in DNS.  This is on the adapter itself.  

Properties of the adapter--Properties of tcp/ip--advanced button--DNS tab--uncheck the register this connection in DNS

 

The issue here is that the Junos Pulse adapter is created during the login process and controlled by the Pulse software.  So it would be in Juniper's developers control to change this setting off the default of checked to unchecked.  Obviously that would require code changes.

 

You could check the registry after the device is created and determine where this setting is located.  Then create a script that applies a registry change to run after connection.

Steve Puluka BSEET - IP Architect - DQE Communications Pittsburgh, PA (Metro-Ethernet & ISP) - http://puluka.com/home
zanyterp_
Respected Contributor

Re: Prevent DNS registration on Juniper adapter

Hi Steve,

 

Thank you for ther update on that this could be fixed at the adapter level. One potential issue would be that some sites want to have the updates. Or are you thinking to have it be set up as an admin option?

spuluka
Super Contributor

Re: Prevent DNS registration on Juniper adapter

I would see this as an admin option to set or not.

 

You are correct, I do want the update, we use this to access computers by name with our admin tools and remote control when connected to Junos Pulse.

 

But I do understand that for other circumstances, like vendor or outside partner computers, this may not be desirable and could cause issues with their local domain systems.

 

The MS default is to register any newly created adapters.

Steve Puluka BSEET - IP Architect - DQE Communications Pittsburgh, PA (Metro-Ethernet & ISP) - http://puluka.com/home
zanyterp_
Respected Contributor

Re: Prevent DNS registration on Juniper adapter

This is a good idea; I don't know what options are available, but if you hadn't already, you may want to send this to your account team for an enhancement request