I have web developers that are not using fully qualified server names for internal websites. I need help configuring VPN network access to find these sites. What am I doing wrong? I can access the webserver with the fqdn, but I cannot access it with the non-fqdn.
Below is an example of how I have DNS/Hosts configured at:
Access ›› Connectivity / VPN : Network Access (VPN) : Network Access Lists :[VPN-Name]
IPV4 Primary Name Server 10.196.1.50 IPV4 Secondary Name Server 10.296.1.50 Primary WINS Server Not used Secondary WINS Server Not used DNS Default Domain Suffix lcoalhost intenaldomain.local Register this connection's addresses in DNS Note Enabled Use this connection's DNS suffix in DNS registration Not Enabled Enforce DNS search order Enabled Static Hosts [intenralservername.fqdn]/10.196.1.40 [internalservername}/10.196.1.40
Have you reviewed your split-dns config on the F5 device as you may have configured to route the FQDN to the Big-IP device but not the Ip address?:
Also do tcpdump to confirm if the traffic is send to the f5 devices when accessing the Ip addresses by IP address:
Look into the detailed ip configuration at the edge client.
There you should see that "intenaldomain.local" isn't in the dns suffix search list.
You can choose: 1. place the domain "intenaldomain.local" on the first position under " DNS Default Domain Suffix" or 2. remove localhost from the list.
The list doesn't support more than one DNS Default Domain Suffix.
After that, it should be possible to reach the hostname without fqdn with the browser.
Does anybody know, how to setup the DNS search list for the edge client? So that it work with the command line in windows and with multiple domains?
At the moment the search suffix list on the client is allways empty. Only the default suffx will be set by the first entry under "DNS Default Domain Suffix".
If you use the command line, then you cannot find hostnames without fqdn.
Thanks! Now, its working fine. Only the "Enforce DNS Search Order" Option wasn't activated. With it, every entry from "DNS Default Domain Suffix" is in the search list and you can find hostnames without fqdn.