hi everybody, we have exactly the same problem. the ip assignment via the dhcp server works like a charm but i simply don´t get the A record updated. in our scenario the dhcp server is updating the dns. when i checked the dhcp request and ack packets with ethereal i can see that the hostname of the office mode client does not get sent to the dhcp server. by the way, you don´t want the client itself updating the dns because he will update the dns with the address of the physical interface not the ip adress of the office mode pool. so i thought to install hfa01 because in the release notes checkpoint said they fixed an issue with ddns but so far no luck. the behaviour is exactly the same with hfa01. anybody any idea ??
thanks regards wolfgang > -----Ursprüngliche Nachricht----- > Von: Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED] Im Auftrag von Ray > Gesendet: Mittwoch, 23. November 2005 18:25 > An: [email protected] > Betreff: Re: [FW-1] SecureClient DNS registration > > > Hi Duncan, > > What's the SecureClient log viewer show? I think it would > show something > inbound being dropped. > > Does the DHCP server update dynamic DNS on behalf of the > client or are you > allowing each client to do it directly? > > An Office Mode problem with SecureClient not updating the > dynamic DNS was > supposed to be corrected in NGX HFA01, in case you didn't > know about it. > > Ray > > > >From: "Meyers, Duncan" <[EMAIL PROTECTED]> > >Reply-To: Mailing list for discussion of Firewall-1 > ><[email protected]> > >To: [email protected] > >Subject: [FW-1] SecureClient DNS registration > >Date: Wed, 23 Nov 2005 12:36:48 +1100 > > > >Hi all, > > > >I have a bit of an odd problem that seems to be related to > SecureClient > >(NGX R60 Build 191 on XP). > > > >When a laptop that has SecureClient installed and a simple desktop > >policy > >active (allow all outbound, drop all inbound) is connected > to the company > >LAN, it picks up an IP address from the Windows 2003 DHCP > server but > >doesn't update the active DNS registration so that if you > ping the machine > >name it, the DNS sever replies with an old address. > > > >The problem goes away immediately if you stop the VPN-1 > SecureClient - > >that > >is; the DNS entry is updated. > > > >Any thoughts? > > > >Thanks, > > > >Duncan > > > > > >================================================= > >To set vacation, Out-Of-Office, or away messages, > >send an email to [EMAIL PROTECTED] > >in the BODY of the email add: > >set fw-1-mailinglist nomail > >================================================= > >To unsubscribe from this mailing list, > >please see the instructions at > >http://www.checkpoint.com/services/mailing.html > >================================================= > >If you have any questions on how to change your > >subscription options, email > >[EMAIL PROTECTED] > >================================================= > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
