 From:  Michael Monaghan <mmonaghan at gmail dot com>
 To:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: FW: [m0n0wall] PPTP -> Windows Clients problems
 Date:  Sun, 12 Sep 2004 22:21:48 -0400

> As an alternative, you could have a DNS server at that site that
> doesn't maintain any of the AD records, but forwards the requests for
> *.your-ad-domain.com to your AD DNS servers.  I have this setup
> running in a couple of locations and it works great.  That way you can
> have AD resolution, but don't have internet DNS requests traversing
> the VPN needlessly.
> 
> If you're using BIND, put something like this in your named.conf file,
> where your-ad-domain.com is your AD domain name, and 192.168.1.2 and
> 192.168.1.3 are your AD DNS servers.  If you only have one AD DNS,
> just remove the .3 line.
> 
> zone "your-ad-domain.com" {
>        type forward;
>        forward only;
>        check-names ignore;
>        forwarders {
>                192.168.1.2;
>                192.168.1.3;
>        };
> };
> 
> -Chris

Sweet!!!!!  I like that, Chris.