Registration Rules on DNS Server

You should follow these guidelines when registering the DNS names and corresponding IP addresses of nodes on the DNS server:

1. To enable the interaction between a coordinator and other ViPNet nodes it's necessary to tell the nodes the IP addresses of this coordinator. If the coordinator's addresses were specified as DNS names in ViPNet Manager, you need to register all IP addresses of access on the DNS server. If the coordinator's IP addresses were specified in ViPNet Manager, you do not need to register these addresses on the DNS server.
2. On public (open) DNS servers, you should only register real addresses of protected computers. If ViPNet nodes work through a firewall (NAT device of coordinator), you may also publish the IP address of this firewall.
3. On protected DNS servers:
   • For the DNS name of a ViPNet node or tunneled computer, you can register real or virtual IP addresses in accordance with their visibility from a node, ie.
     • If the DNS server is located on any ViPNet node, it's necessary to register the IP addresses from which a corresponding protected computer is accessible from this ViPNet node.
     • If the DNS server is located on a tunneled computer, it's necessary to register the IP addresses from which a corresponding protected computer is accessible from a coordinator providing tunneling of the DNS server.
   • For the DNS name of a ViPNet node, you can also the register the IP address of the NAT device or coordinator through which this ViPNet node works.
4. For an unprotected computer, you should only specify the real addresses of requested nodes and the firewall address.

Back to top

© 2007 Infotecs