|
|
We have three different sites. The sites a separted by a cisco asa firewall
and we can connect to resources at each of the three sites but only by ip
address. We would like to connect to resouces by name. Each site has a
domain controller, and a dns server. All computers are joined to the same
domain.
When I look in the forward lookup zone on each of the DNS servers, at each
site, i can see all the computers in the domain. They are all listed. All
three sites, 192.168.1.x, 172.16.0.x, and 192.168.1.x. Whatever physical
site i am in i cannot connect to resrouces at any of the other sites via
name, only ip address. We would like to connect by name rather than IP
address.
We will be adding three additional sites, with no dns server or domain
controller. Each user, however will have domain credentials to authenticate
and access resoucres. We would like those users to be able to connect to
resouces by name rather than ip address.
thanks.
Joe (and i am not a plumber)
|
|
You can either disable EDNS0 on all your DNS servers
(http://support.microsoft.akadns.net/kb/q828263/) or contact Cisco for the
fix they have for this problem.
Deji
"Joe" <Joe[ at ]discussions.microsoft.com> wrote in message
news:117D4238-5579-4798-9DE4-B0B4C8D07AC7[ at ]microsoft.com...
[Quoted Text] > We have three different sites. The sites a separted by a cisco asa
> firewall
> and we can connect to resources at each of the three sites but only by ip
> address. We would like to connect to resouces by name. Each site has a
> domain controller, and a dns server. All computers are joined to the same
> domain.
>
> When I look in the forward lookup zone on each of the DNS servers, at each
> site, i can see all the computers in the domain. They are all listed.
> All
> three sites, 192.168.1.x, 172.16.0.x, and 192.168.1.x. Whatever physical
> site i am in i cannot connect to resrouces at any of the other sites via
> name, only ip address. We would like to connect by name rather than IP
> address.
>
> We will be adding three additional sites, with no dns server or domain
> controller. Each user, however will have domain credentials to
> authenticate
> and access resoucres. We would like those users to be able to connect to
> resouces by name rather than ip address.
>
> thanks.
>
> Joe (and i am not a plumber)
|
|
Joe,
Can you check what response you get when you query DNS, with nslookup?
Do you really have two sites with the same subnet?
Are you using Netbios name or FQDN to test? If the Netbios name fails, does
the FQDN name succeed?
You will need a WINS server if you want to be able to "browse" resources
across subnets.
Anthony,
http://www.airdesk.com
"Joe" <Joe[ at ]discussions.microsoft.com> wrote in message
news:117D4238-5579-4798-9DE4-B0B4C8D07AC7[ at ]microsoft.com...
[Quoted Text] > We have three different sites. The sites a separted by a cisco asa
> firewall
> and we can connect to resources at each of the three sites but only by ip
> address. We would like to connect to resouces by name. Each site has a
> domain controller, and a dns server. All computers are joined to the same
> domain.
>
> When I look in the forward lookup zone on each of the DNS servers, at each
> site, i can see all the computers in the domain. They are all listed.
> All
> three sites, 192.168.1.x, 172.16.0.x, and 192.168.1.x. Whatever physical
> site i am in i cannot connect to resrouces at any of the other sites via
> name, only ip address. We would like to connect by name rather than IP
> address.
>
> We will be adding three additional sites, with no dns server or domain
> controller. Each user, however will have domain credentials to
> authenticate
> and access resoucres. We would like those users to be able to connect to
> resouces by name rather than ip address.
>
> thanks.
>
> Joe (and i am not a plumber)
|
|
No. That is a mistake. Thanks for being sharp! The subnets are all
different. 100.100.100.x, 172.16.0.x and 192.168.1.x. I use the netbios
name to test. For example if i want to ping the server 100.100.100.9 by
name, from site 172.16.0.x, i ping "marketing" - and no response, i can ping
the ip and i get a reply.
Where do i need wins server installed. I am curios why DNS in windows
server would not be able to resolve a name across a site? why would dns only
work within the site I am at, or to the internet? Why would i be able to
ping and ip address internally but not a name?
"Anthony [MVP]" wrote:
[Quoted Text] > Joe, > Can you check what response you get when you query DNS, with nslookup? > Do you really have two sites with the same subnet? > Are you using Netbios name or FQDN to test? If the Netbios name fails, does > the FQDN name succeed? > You will need a WINS server if you want to be able to "browse" resources > across subnets. > Anthony, > http://www.airdesk.com> > > "Joe" <Joe[ at ]discussions.microsoft.com> wrote in message > news:117D4238-5579-4798-9DE4-B0B4C8D07AC7[ at ]microsoft.com... > > We have three different sites. The sites a separted by a cisco asa > > firewall > > and we can connect to resources at each of the three sites but only by ip > > address. We would like to connect to resouces by name. Each site has a > > domain controller, and a dns server. All computers are joined to the same > > domain. > > > > When I look in the forward lookup zone on each of the DNS servers, at each > > site, i can see all the computers in the domain. They are all listed. > > All > > three sites, 192.168.1.x, 172.16.0.x, and 192.168.1.x. Whatever physical > > site i am in i cannot connect to resrouces at any of the other sites via > > name, only ip address. We would like to connect by name rather than IP > > address. > > > > We will be adding three additional sites, with no dns server or domain > > controller. Each user, however will have domain credentials to > > authenticate > > and access resoucres. We would like those users to be able to connect to > > resouces by name rather than ip address. > > > > thanks. > > > > Joe (and i am not a plumber) > > |
|
Joe,
Can you check what response you get when you query DNS, with nslookup?
If the Netbios name fails, does the FQDN name succeed?
You will need a WINS server if you want to be able to "browse" resources
across subnets.
You would need to assign a WINS server address to each PC; ideally a WINS
server at each site. The DC can easily act as a WINS server.
Anthony,
http://www.airdesk.com
"Joe" <Joe[ at ]discussions.microsoft.com> wrote in message
news:2E21787B-6596-4BF0-93B1-EBE7CD3718B9[ at ]microsoft.com...
[Quoted Text] > No. That is a mistake. Thanks for being sharp! The subnets are all > different. 100.100.100.x, 172.16.0.x and 192.168.1.x. I use the netbios > name to test. For example if i want to ping the server 100.100.100.9 by > name, from site 172.16.0.x, i ping "marketing" - and no response, i can > ping > the ip and i get a reply. > > Where do i need wins server installed. I am curios why DNS in windows > server would not be able to resolve a name across a site? why would dns > only > work within the site I am at, or to the internet? Why would i be able to > ping and ip address internally but not a name? > > "Anthony [MVP]" wrote: > >> Joe, >> Can you check what response you get when you query DNS, with nslookup? >> Do you really have two sites with the same subnet? >> Are you using Netbios name or FQDN to test? If the Netbios name fails, >> does >> the FQDN name succeed? >> You will need a WINS server if you want to be able to "browse" resources >> across subnets. >> Anthony, >> http://www.airdesk.com>> >> >> "Joe" <Joe[ at ]discussions.microsoft.com> wrote in message >> news:117D4238-5579-4798-9DE4-B0B4C8D07AC7[ at ]microsoft.com... >> > We have three different sites. The sites a separted by a cisco asa >> > firewall >> > and we can connect to resources at each of the three sites but only by >> > ip >> > address. We would like to connect to resouces by name. Each site has >> > a >> > domain controller, and a dns server. All computers are joined to the >> > same >> > domain. >> > >> > When I look in the forward lookup zone on each of the DNS servers, at >> > each >> > site, i can see all the computers in the domain. They are all listed. >> > All >> > three sites, 192.168.1.x, 172.16.0.x, and 192.168.1.x. Whatever >> > physical >> > site i am in i cannot connect to resrouces at any of the other sites >> > via >> > name, only ip address. We would like to connect by name rather than IP >> > address. >> > >> > We will be adding three additional sites, with no dns server or domain >> > controller. Each user, however will have domain credentials to >> > authenticate >> > and access resoucres. We would like those users to be able to connect >> > to >> > resouces by name rather than ip address. >> > >> > thanks. >> > >> > Joe (and i am not a plumber) >> >> |
|
Anthony,
You do not NEED WINS to resolve name across subnets. This is a common
misconception and needs the recommendation needs to be dropped.
You are on the right track asking the OP to ping FQDN. If that succeeds,
then he is probably running into incorrect/incomplete Suffix Search List
issues and needs to add the appropriate suffixes to his clients. You can
ping across oceans without WINS.
Deji
"Anthony [MVP]" <anthony[ at ]no-reply.com> wrote in message
news:eTUYcbHNJHA.4716[ at ]TK2MSFTNGP03.phx.gbl...
[Quoted Text] > Joe, > Can you check what response you get when you query DNS, with nslookup? > If the Netbios name fails, does the FQDN name succeed? > You will need a WINS server if you want to be able to "browse" resources > across subnets. > You would need to assign a WINS server address to each PC; ideally a WINS > server at each site. The DC can easily act as a WINS server. > Anthony, > http://www.airdesk.com> > > "Joe" <Joe[ at ]discussions.microsoft.com> wrote in message > news:2E21787B-6596-4BF0-93B1-EBE7CD3718B9[ at ]microsoft.com... >> No. That is a mistake. Thanks for being sharp! The subnets are all >> different. 100.100.100.x, 172.16.0.x and 192.168.1.x. I use the netbios >> name to test. For example if i want to ping the server 100.100.100.9 by >> name, from site 172.16.0.x, i ping "marketing" - and no response, i can >> ping >> the ip and i get a reply. >> >> Where do i need wins server installed. I am curios why DNS in windows >> server would not be able to resolve a name across a site? why would dns >> only >> work within the site I am at, or to the internet? Why would i be able to >> ping and ip address internally but not a name? >> >> "Anthony [MVP]" wrote: >> >>> Joe, >>> Can you check what response you get when you query DNS, with nslookup? >>> Do you really have two sites with the same subnet? >>> Are you using Netbios name or FQDN to test? If the Netbios name fails, >>> does >>> the FQDN name succeed? >>> You will need a WINS server if you want to be able to "browse" resources >>> across subnets. >>> Anthony, >>> http://www.airdesk.com>>> >>> >>> "Joe" <Joe[ at ]discussions.microsoft.com> wrote in message >>> news:117D4238-5579-4798-9DE4-B0B4C8D07AC7[ at ]microsoft.com... >>> > We have three different sites. The sites a separted by a cisco asa >>> > firewall >>> > and we can connect to resources at each of the three sites but only by >>> > ip >>> > address. We would like to connect to resouces by name. Each site has >>> > a >>> > domain controller, and a dns server. All computers are joined to the >>> > same >>> > domain. >>> > >>> > When I look in the forward lookup zone on each of the DNS servers, at >>> > each >>> > site, i can see all the computers in the domain. They are all listed. >>> > All >>> > three sites, 192.168.1.x, 172.16.0.x, and 192.168.1.x. Whatever >>> > physical >>> > site i am in i cannot connect to resrouces at any of the other sites >>> > via >>> > name, only ip address. We would like to connect by name rather than >>> > IP >>> > address. >>> > >>> > We will be adding three additional sites, with no dns server or domain >>> > controller. Each user, however will have domain credentials to >>> > authenticate >>> > and access resoucres. We would like those users to be able to connect >>> > to >>> > resouces by name rather than ip address. >>> > >>> > thanks. >>> > >>> > Joe (and i am not a plumber) >>> >>>
|
|
Deji,
Thanks but I did not say you need WINS for name resolution across subnets. I
said you need WINS to "browse" across subnets. The quotation marks indicate
the use of a specific term. To "Browse" refers to utilities that use
Netbios, such as Network Neighbourhood.
Anthony,
http://www.airdesk.com
"A, Deji" <deji[ at ]akomolafe.com> wrote in message
news:OKv2hrNNJHA.5060[ at ]TK2MSFTNGP02.phx.gbl...
[Quoted Text] > Anthony, > > You do not NEED WINS to resolve name across subnets. This is a common > misconception and needs the recommendation needs to be dropped. > > You are on the right track asking the OP to ping FQDN. If that succeeds, > then he is probably running into incorrect/incomplete Suffix Search List > issues and needs to add the appropriate suffixes to his clients. You can > ping across oceans without WINS. > > Deji > "Anthony [MVP]" <anthony[ at ]no-reply.com> wrote in message > news:eTUYcbHNJHA.4716[ at ]TK2MSFTNGP03.phx.gbl... >> Joe, >> Can you check what response you get when you query DNS, with nslookup? >> If the Netbios name fails, does the FQDN name succeed? >> You will need a WINS server if you want to be able to "browse" resources >> across subnets. >> You would need to assign a WINS server address to each PC; ideally a WINS >> server at each site. The DC can easily act as a WINS server. >> Anthony, >> http://www.airdesk.com>> >> >> "Joe" <Joe[ at ]discussions.microsoft.com> wrote in message >> news:2E21787B-6596-4BF0-93B1-EBE7CD3718B9[ at ]microsoft.com... >>> No. That is a mistake. Thanks for being sharp! The subnets are all >>> different. 100.100.100.x, 172.16.0.x and 192.168.1.x. I use the >>> netbios >>> name to test. For example if i want to ping the server 100.100.100.9 by >>> name, from site 172.16.0.x, i ping "marketing" - and no response, i can >>> ping >>> the ip and i get a reply. >>> >>> Where do i need wins server installed. I am curios why DNS in windows >>> server would not be able to resolve a name across a site? why would dns >>> only >>> work within the site I am at, or to the internet? Why would i be able >>> to >>> ping and ip address internally but not a name? >>> >>> "Anthony [MVP]" wrote: >>> >>>> Joe, >>>> Can you check what response you get when you query DNS, with nslookup? >>>> Do you really have two sites with the same subnet? >>>> Are you using Netbios name or FQDN to test? If the Netbios name fails, >>>> does >>>> the FQDN name succeed? >>>> You will need a WINS server if you want to be able to "browse" >>>> resources >>>> across subnets. >>>> Anthony, >>>> http://www.airdesk.com>>>> >>>> >>>> "Joe" <Joe[ at ]discussions.microsoft.com> wrote in message >>>> news:117D4238-5579-4798-9DE4-B0B4C8D07AC7[ at ]microsoft.com... >>>> > We have three different sites. The sites a separted by a cisco asa >>>> > firewall >>>> > and we can connect to resources at each of the three sites but only >>>> > by ip >>>> > address. We would like to connect to resouces by name. Each site >>>> > has a >>>> > domain controller, and a dns server. All computers are joined to the >>>> > same >>>> > domain. >>>> > >>>> > When I look in the forward lookup zone on each of the DNS servers, at >>>> > each >>>> > site, i can see all the computers in the domain. They are all >>>> > listed. >>>> > All >>>> > three sites, 192.168.1.x, 172.16.0.x, and 192.168.1.x. Whatever >>>> > physical >>>> > site i am in i cannot connect to resrouces at any of the other sites >>>> > via >>>> > name, only ip address. We would like to connect by name rather than >>>> > IP >>>> > address. >>>> > >>>> > We will be adding three additional sites, with no dns server or >>>> > domain >>>> > controller. Each user, however will have domain credentials to >>>> > authenticate >>>> > and access resoucres. We would like those users to be able to >>>> > connect to >>>> > resouces by name rather than ip address. >>>> > >>>> > thanks. >>>> > >>>> > Joe (and i am not a plumber) >>>> >>>> > |
|
Apologies, Anthony.
Deji
"Anthony [MVP]" <anthony[ at ]no-reply.com> wrote in message
news:%23GhurESNJHA.5384[ at ]TK2MSFTNGP05.phx.gbl...
[Quoted Text] > Deji, > Thanks but I did not say you need WINS for name resolution across subnets. > I said you need WINS to "browse" across subnets. The quotation marks > indicate the use of a specific term. To "Browse" refers to utilities that > use Netbios, such as Network Neighbourhood. > Anthony, > http://www.airdesk.com> > > "A, Deji" <deji[ at ]akomolafe.com> wrote in message > news:OKv2hrNNJHA.5060[ at ]TK2MSFTNGP02.phx.gbl... >> Anthony, >> >> You do not NEED WINS to resolve name across subnets. This is a common >> misconception and needs the recommendation needs to be dropped. >> >> You are on the right track asking the OP to ping FQDN. If that succeeds, >> then he is probably running into incorrect/incomplete Suffix Search List >> issues and needs to add the appropriate suffixes to his clients. You can >> ping across oceans without WINS. >> >> Deji >> "Anthony [MVP]" <anthony[ at ]no-reply.com> wrote in message >> news:eTUYcbHNJHA.4716[ at ]TK2MSFTNGP03.phx.gbl... >>> Joe, >>> Can you check what response you get when you query DNS, with nslookup? >>> If the Netbios name fails, does the FQDN name succeed? >>> You will need a WINS server if you want to be able to "browse" resources >>> across subnets. >>> You would need to assign a WINS server address to each PC; ideally a >>> WINS server at each site. The DC can easily act as a WINS server. >>> Anthony, >>> http://www.airdesk.com>>> >>> >>> "Joe" <Joe[ at ]discussions.microsoft.com> wrote in message >>> news:2E21787B-6596-4BF0-93B1-EBE7CD3718B9[ at ]microsoft.com... >>>> No. That is a mistake. Thanks for being sharp! The subnets are all >>>> different. 100.100.100.x, 172.16.0.x and 192.168.1.x. I use the >>>> netbios >>>> name to test. For example if i want to ping the server 100.100.100.9 >>>> by >>>> name, from site 172.16.0.x, i ping "marketing" - and no response, i can >>>> ping >>>> the ip and i get a reply. >>>> >>>> Where do i need wins server installed. I am curios why DNS in windows >>>> server would not be able to resolve a name across a site? why would >>>> dns only >>>> work within the site I am at, or to the internet? Why would i be able >>>> to >>>> ping and ip address internally but not a name? >>>> >>>> "Anthony [MVP]" wrote: >>>> >>>>> Joe, >>>>> Can you check what response you get when you query DNS, with nslookup? >>>>> Do you really have two sites with the same subnet? >>>>> Are you using Netbios name or FQDN to test? If the Netbios name fails, >>>>> does >>>>> the FQDN name succeed? >>>>> You will need a WINS server if you want to be able to "browse" >>>>> resources >>>>> across subnets. >>>>> Anthony, >>>>> http://www.airdesk.com>>>>> >>>>> >>>>> "Joe" <Joe[ at ]discussions.microsoft.com> wrote in message >>>>> news:117D4238-5579-4798-9DE4-B0B4C8D07AC7[ at ]microsoft.com... >>>>> > We have three different sites. The sites a separted by a cisco asa >>>>> > firewall >>>>> > and we can connect to resources at each of the three sites but only >>>>> > by ip >>>>> > address. We would like to connect to resouces by name. Each site >>>>> > has a >>>>> > domain controller, and a dns server. All computers are joined to >>>>> > the same >>>>> > domain. >>>>> > >>>>> > When I look in the forward lookup zone on each of the DNS servers, >>>>> > at each >>>>> > site, i can see all the computers in the domain. They are all >>>>> > listed. >>>>> > All >>>>> > three sites, 192.168.1.x, 172.16.0.x, and 192.168.1.x. Whatever >>>>> > physical >>>>> > site i am in i cannot connect to resrouces at any of the other sites >>>>> > via >>>>> > name, only ip address. We would like to connect by name rather than >>>>> > IP >>>>> > address. >>>>> > >>>>> > We will be adding three additional sites, with no dns server or >>>>> > domain >>>>> > controller. Each user, however will have domain credentials to >>>>> > authenticate >>>>> > and access resoucres. We would like those users to be able to >>>>> > connect to >>>>> > resouces by name rather than ip address. >>>>> > >>>>> > thanks. >>>>> > >>>>> > Joe (and i am not a plumber) >>>>> >>>>> >>
|
|
No problem
"A, Deji" <deji[ at ]akomolafe.com> wrote in message
news:uqjIDhTNJHA.4772[ at ]TK2MSFTNGP03.phx.gbl...
[Quoted Text] > Apologies, Anthony. > > Deji > > "Anthony [MVP]" <anthony[ at ]no-reply.com> wrote in message > news:%23GhurESNJHA.5384[ at ]TK2MSFTNGP05.phx.gbl... >> Deji, >> Thanks but I did not say you need WINS for name resolution across >> subnets. I said you need WINS to "browse" across subnets. The quotation >> marks indicate the use of a specific term. To "Browse" refers to >> utilities that use Netbios, such as Network Neighbourhood. >> Anthony, >> http://www.airdesk.com>> >> >> "A, Deji" <deji[ at ]akomolafe.com> wrote in message >> news:OKv2hrNNJHA.5060[ at ]TK2MSFTNGP02.phx.gbl... >>> Anthony, >>> >>> You do not NEED WINS to resolve name across subnets. This is a common >>> misconception and needs the recommendation needs to be dropped. >>> >>> You are on the right track asking the OP to ping FQDN. If that succeeds, >>> then he is probably running into incorrect/incomplete Suffix Search List >>> issues and needs to add the appropriate suffixes to his clients. You can >>> ping across oceans without WINS. >>> >>> Deji >>> "Anthony [MVP]" <anthony[ at ]no-reply.com> wrote in message >>> news:eTUYcbHNJHA.4716[ at ]TK2MSFTNGP03.phx.gbl... >>>> Joe, >>>> Can you check what response you get when you query DNS, with nslookup? >>>> If the Netbios name fails, does the FQDN name succeed? >>>> You will need a WINS server if you want to be able to "browse" >>>> resources across subnets. >>>> You would need to assign a WINS server address to each PC; ideally a >>>> WINS server at each site. The DC can easily act as a WINS server. >>>> Anthony, >>>> http://www.airdesk.com>>>> >>>> >>>> "Joe" <Joe[ at ]discussions.microsoft.com> wrote in message >>>> news:2E21787B-6596-4BF0-93B1-EBE7CD3718B9[ at ]microsoft.com... >>>>> No. That is a mistake. Thanks for being sharp! The subnets are all >>>>> different. 100.100.100.x, 172.16.0.x and 192.168.1.x. I use the >>>>> netbios >>>>> name to test. For example if i want to ping the server 100.100.100.9 >>>>> by >>>>> name, from site 172.16.0.x, i ping "marketing" - and no response, i >>>>> can ping >>>>> the ip and i get a reply. >>>>> >>>>> Where do i need wins server installed. I am curios why DNS in windows >>>>> server would not be able to resolve a name across a site? why would >>>>> dns only >>>>> work within the site I am at, or to the internet? Why would i be able >>>>> to >>>>> ping and ip address internally but not a name? >>>>> >>>>> "Anthony [MVP]" wrote: >>>>> >>>>>> Joe, >>>>>> Can you check what response you get when you query DNS, with >>>>>> nslookup? >>>>>> Do you really have two sites with the same subnet? >>>>>> Are you using Netbios name or FQDN to test? If the Netbios name >>>>>> fails, does >>>>>> the FQDN name succeed? >>>>>> You will need a WINS server if you want to be able to "browse" >>>>>> resources >>>>>> across subnets. >>>>>> Anthony, >>>>>> http://www.airdesk.com>>>>>> >>>>>> >>>>>> "Joe" <Joe[ at ]discussions.microsoft.com> wrote in message >>>>>> news:117D4238-5579-4798-9DE4-B0B4C8D07AC7[ at ]microsoft.com... >>>>>> > We have three different sites. The sites a separted by a cisco asa >>>>>> > firewall >>>>>> > and we can connect to resources at each of the three sites but only >>>>>> > by ip >>>>>> > address. We would like to connect to resouces by name. Each site >>>>>> > has a >>>>>> > domain controller, and a dns server. All computers are joined to >>>>>> > the same >>>>>> > domain. >>>>>> > >>>>>> > When I look in the forward lookup zone on each of the DNS servers, >>>>>> > at each >>>>>> > site, i can see all the computers in the domain. They are all >>>>>> > listed. >>>>>> > All >>>>>> > three sites, 192.168.1.x, 172.16.0.x, and 192.168.1.x. Whatever >>>>>> > physical >>>>>> > site i am in i cannot connect to resrouces at any of the other >>>>>> > sites via >>>>>> > name, only ip address. We would like to connect by name rather >>>>>> > than IP >>>>>> > address. >>>>>> > >>>>>> > We will be adding three additional sites, with no dns server or >>>>>> > domain >>>>>> > controller. Each user, however will have domain credentials to >>>>>> > authenticate >>>>>> > and access resoucres. We would like those users to be able to >>>>>> > connect to >>>>>> > resouces by name rather than ip address. >>>>>> > >>>>>> > thanks. >>>>>> > >>>>>> > Joe (and i am not a plumber) >>>>>> >>>>>> >>> > |
|
|