Dynamic DNS updates for VPN clients

Question

Hello,We use F5 APM as our main VPN solution for our employees. We're happy with it 🙂However, we've been facing an issue for which we haven't found a solution yet.On our LAN, our customers get IP addresses from our Microsoft DHCP servers which update the client DNS records in our Microsoft DNS servers (AD). Clients are not allowed to update DNS records directly.Our clients are configured to use read-only DNS servers and not the main AD DNS servers.With this configuration (the F5 cluster being the DHCP server), the clients are not able to update the DNS records in our AD DNS servers through the VPN.Which solution would you recommend ? How could we bypass this limitation ?Best RegardsThomas

daniel_wolf · Answer

Hi&nbsp;ThomasP,take a look at this community solution:&nbsp;APM-DHCP Access Policy Example and Detailed Instructions.Last time I used it with BIG-IP 14.1, article says it has issues with 16.1+.&nbsp;KRDaniel&nbsp;

matt_dierick · Answer

Guys, is it what you are looking for ?Configure dynamic DNS from a DHCP server for BIG-IP APM network access clients (f5.com)
We posted this article few weeks ago.

lucas_ · Answer

Hello All,&nbsp;Oh, seems we have the same issue&nbsp;😑.&nbsp;We haven't found a solution yet as..&nbsp;Best Regards,&nbsp;Lucas&nbsp;🇮🇹&nbsp;

leslie_hubertus · Answer

Hey&nbsp;ThomasP&nbsp; - FYI - I'm linking to your question in today's Comunity Highlights to help you get visibility and hopefully an answer more quickly.

thomasp · Answer

HelloThank you for your help.I read this article on devcentral a while ago but the warning claming this solution doesn't work on BIG-IP v.16+ frigthened me but the last comment says that it seems to work.I don't know what to think about it.&nbsp;Matt_Dierickdo you know whether it works or not on BigIP v16+? Have you tested it ?Thank youThomas

Forum Discussion

Dynamic DNS updates for VPN clients

5 Replies

Recent Discussions

AS3 Deployments (shared objects)

F5Access | MacOS Sonoma

Ansible modules for F5OS

VPN fragmented IP packets dropped

iRule interpretation assistance

Related Content

Auditing Security Policy Updates

OAuth 2.0 Dynamic Client Registration

APM client update

Dynamic IP update of Azure IP Ranges and store them in data-groups

Dynamic IP update of Office365 addresses and store them in data-groups