Dynamic DNS updates for VPN clients

ThomasP · ‎22-Jun-2023

Hello,

We use F5 APM as our main VPN solution for our employees. We're happy with it 🙂

However, we've been facing an issue for which we haven't found a solution yet.

On our LAN, our customers get IP addresses from our Microsoft DHCP servers which update the client DNS records in our Microsoft DNS servers (AD). Clients are not allowed to update DNS records directly.

Our clients are configured to use read-only DNS servers and not the main AD DNS servers.

With this configuration (the F5 cluster being the DHCP server), the clients are not able to update the DNS records in our AD DNS servers through the VPN.

Which solution would you recommend ? How could we bypass this limitation ?

Best Regards

Thomas

Lucas_ · ‎22-Jun-2023

Hello All,

Oh, seems we have the same issue 😑.

We haven't found a solution yet as..

Best Regards,

Lucas 🇮🇹

Leslie_Hubertus · ‎26-Jun-2023

Hey @ThomasP - FYI - I'm linking to your question in today's Comunity Highlights to help you get visibility and hopefully an answer more quickly.

Daniel_Wolf · ‎26-Jun-2023

Hi @ThomasP,

take a look at this community solution: APM-DHCP Access Policy Example and Detailed Instructions.
Last time I used it with BIG-IP 14.1, article says it has issues with 16.1+.

KR
Daniel

Matt_Dierick · ‎27-Jun-2023

Guys, is it what you are looking for ?

Configure dynamic DNS from a DHCP server for BIG-IP APM network access clients (f5.com)

We posted this article few weeks ago.

ThomasP · ‎27-Jun-2023

Hello

Thank you for your help.

I read this article on devcentral a while ago but the warning claming this solution doesn't work on BIG-IP v.16+ frigthened me but the last comment says that it seems to work.

I don't know what to think about it.

@Matt_Dierickdo you know whether it works or not on BigIP v16+? Have you tested it ?

Thank you

Thomas

DevCentral

Dynamic DNS updates for VPN clients

MFA required on DevCentral