Al this in not a priority for us now. Earlier i was unaware of our VPN Box settings thats why i was a bit confuse about why these machines are registring there own records in my DNS.
Also i am not going to uncheck Register in DNS check box on Client machine as this is not required as if now. I have already set lease period as per our organizational requirement so, again i will not do any change unless it is a must required thing to do. Al i would surely want to have a look on KB you refered to. If possible, do me this favor. Thanks for all your help!!! Ravi Dogra On 9/14/06, Al Mulnick <[EMAIL PROTECTED]> wrote:
Personally, for a shop with more than 30 machines I wouldn't recommend this approach. DHCP half-life registrations would start to fly all over the place. That and the DHCP server is not registering for the remote users. On 9/13/06, Matt Hargraves <[EMAIL PROTECTED]> wrote: > > I'm not s huge DNS geek, so I'm not sure whether you can do this, but can't you just set the DHCP to have a short expiration (1 hour?) and it will unregister the 'old' entry for a machine? There would be a small amount of vulnerability, but it would go away after the client's reservation expires. > > > > > On 9/13/06, Ravi Dogra < [EMAIL PROTECTED]> wrote: > > No, Laptop Users are getting IP Addresses from my VPN Box and when > > they are on site its DHCP. > > > > On machines "Register in DNS" option Is checked, hence machines are > > attempting to register its own records in DNS. Although i have made my > > LAN DHCP to register only its Clients in DNS. > > > > Credentials used are abviously my Administrator Account. > > > > But Al, > > > > The Issue we had is laptop users are using LAN DHCP as well as using > > VPN Connection from home. Both are getting registered in My DNS with > > different IP. Which is obvious. > > But the thing is SOPHOS gave us this as one of the reasons for my > > laptop machines not showing in Sophos Enterprise Console because it > > uses DNS to build existing machines list. > > > > Now everything is working fine and this reason was totally not applicable. > > > > but still there are other machines which are only in our network using > > only my LAN DHCP and are not showing up in EC. > > > > Sophos Support team is working on this. > > > > Thanks and Regards > > Ravi Dogra > > > > On 9/13/06, Al Mulnick <[EMAIL PROTECTED]> wrote: > > > I swear this is the last question and then I'll make a suggestion. :) > > > > > > Is the DHCP server that the remote clients are getting their ip addr's from > > > the same as the one that you are using for lan connected clients? You are > > > obviously allowing the user's machine to update it's own records, but is > > > that consistent or is the DHCP server on the lan registering the records for > > > you possibly under a different set of credentials or in a different zone? > > > > > > > > > > > > > > > > > > > > > On 9/11/06, Ravi Dogra < [EMAIL PROTECTED]> wrote: > > > > yes its correct. > > > > > > > > No we have mobile users.. > > > > > > > > On 9/11/06, Al Mulnick < [EMAIL PROTECTED]> wrote: > > > > > Besides the obvious of telling Sophos to adjust their management to deal > > > > > with this, here's what I understand of your problem to date. > > > > > > > > > > VPN clients that are also trusted network clients (i.e. mobile users > > > that > > > > > traverse both trusted and non-trusted networks can end up with seemingly > > > > > duplicate entries for the same device but different ip addresses. This > > > > > confuses some antivirus management applications and presumably some > > > > > management applications such as SMS or similar class of app, that rely > > > on > > > > > reverse name resolution. > > > > > > > > > > Is that correct? > > > > > > > > > > Do you have workers that are remote-based only? > > > > > > > > > > Al > > > > > > > > > > > > > > > > > > > > On 9/8/06, Ravi Dogra < [EMAIL PROTECTED]> wrote: > > > > > > According to Sophos Support if one host has 2 DNS Entries, Sophos > > > > > > Enterprise Manager might not be able to detect this Host and auto > > > > > > update will also dont work. > > > > > > > > > > > > As you know jolly;- We are in process of migration from Trend to > > > > > > Sophos as our Antivirus Solution. > > > > > > > > > > > > Working on a solution will update soon..... > > > > > > > > > > > > Thanks > > > > > > Ravi Dogra > > > > > > > > > > > > On 9/8/06, Jaspreet Singh < [EMAIL PROTECTED]> wrote: > > > > > > > > > > > > > > Ravi, > > > > > > > As Rob said, If your VPN box is forwarding requests to your internal > > > > > network > > > > > > > the your DNS will automatically update the records according to the > > > new > > > > > IP > > > > > > > which in your case is "x.x.5.x". > > > > > > > > > > > > > > Can you explain exactly what is the problem that you are facing due > > > to > > > > > this? > > > > > > > > > > > > > > Regards, > > > > > > > Jaspreet Singh Jolly > > > > > > > > > > > > > > > > > > > > > > > > > > > > On 9/7/06, Al Mulnick < [EMAIL PROTECTED]> wrote: > > > > > > > > > > > > > > > > > > > > > > > > 1. I Didnt understand what exactly u r asking? > > > > > > > > 2. Yes DHCP Is configured properly. > > > > > > > > > > > > > > > > > > > > > > > > That's not what I asked. I asked if it's updating the records for > > > the > > > > > > > device or is it letting the devices update their own? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Al > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On 9/6/06, Ravi Dogra < [EMAIL PROTECTED] > wrote: > > > > > > > > > > > > > > > > > 1. I Didnt understand what exactly u r asking? > > > > > > > > > 2. Yes DHCP Is configured properly. > > > > > > > > > 3. Yes it is running on DC > > > > > > > > > 4. No, not running any other credential. > > > > > > > > > 5. VPN Machine is entirely a different BOX on other site. > > > > > > > > > 6. It doesnt register in my DNS. (Will extract other information > > > > > from > > > > > > > > > Site B Admin) > > > > > > > > > > > > > > > > > > update you very soon... > > > > > > > > > > > > > > > > > > Thanks > > > > > > > > > RD > > > > > > > > > List info : > > > http://www.activedir.org/List.aspx > > > > > > > > > List FAQ : > > > http://www.activedir.org/ListFAQ.aspx > > > > > > > > > List archive: > > > > > http://www.activedir.org/ml/threads.aspx > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > Regards, > > > > > > > Jaspreet Singh Jolly > > > > > > > > > > > > > > > > > > -- > > > > > > Ravi Dogra > > > > > > 9899647200 > > > > > > This e-mail, together with any attachments, is confidential. It may be > > > > > > read, copied and used only by the intended recipient. If you have > > > > > > received it in error, please notify the sender immediately by e-mail > > > > > > or telephone. Please then delete it from your computer without making > > > > > > any copies or disclosing it to any other person. > > > > > > List info : http://www.activedir.org/List.aspx > > > > > > List FAQ : http://www.activedir.org/ListFAQ.aspx > > > > > > List archive: > > > http://www.activedir.org/ml/threads.aspx > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > Ravi Dogra > > > > 9899647200 > > > > This e-mail, together with any attachments, is confidential. It may be > > > > read, copied and used only by the intended recipient. If you have > > > > received it in error, please notify the sender immediately by e-mail > > > > or telephone. Please then delete it from your computer without making > > > > any copies or disclosing it to any other person. > > > > List info : http://www.activedir.org/List.aspx > > > > List FAQ : http://www.activedir.org/ListFAQ.aspx > > > > List archive: http://www.activedir.org/ml/threads.aspx > > > > > > > > > > > > > > > > -- > > Ravi Dogra > > 9899647200 > > This e-mail, together with any attachments, is confidential. It may be > > read, copied and used only by the intended recipient. If you have > > received it in error, please notify the sender immediately by e-mail > > or telephone. Please then delete it from your computer without making > > any copies or disclosing it to any other person. > > List info : http://www.activedir.org/List.aspx > > List FAQ : http://www.activedir.org/ListFAQ.aspx > > List archive: http://www.activedir.org/ml/threads.aspx > > > >
-- Ravi Dogra 9899647200 This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
