Forum Discussion

dirken's avatar
dirken
Icon for Nimbostratus rankNimbostratus
Feb 08, 2017

Dynamic DNS address registration via APM

SSL-VPN with APM 12.1, assigning client IPs via a lease pool on the APM. Now I want to register the clients in an AD integrated DNS zone => Access Profile / DNS/Hosts / Register this connection's addresses in DNS.

 

1) There seems to be no possibility to enter domain credentials for the DNS registration, so I would have to allow "nonsecure" updates in the Windows DNS zone, which I do not want, as anybody could then update stuff. => Any way to send "secure" updates from the APM?

 

2) A Windows integrated DHCP could do "secure" updates, but there seems to be no way to use an external DHCP server for client address assignment. => Any way to use an external DHCP?

 

29 Replies

  • Hello,

     

    I have the same issue and the same behaviour. However I need exactly the same need, I have an Infoblox. And for one program, I need to check IP address and hostname. Currently, I have found no solution. Do you have open a issue on F5 support?

     

    Thanks Thanks

     

    • dirken's avatar
      dirken
      Icon for Nimbostratus rankNimbostratus

      I didn't open an F5 case yet, but I will probably do so, soon.

       

  • Have you tried the option 'Register this connection's addresses in DNS' under DNS/Hosts?

     

    • dirken's avatar
      dirken
      Icon for Nimbostratus rankNimbostratus

      Sure, but as there is no way to configure credentials, you must allow non-secure updates on the DNS server, which is a no-go in our environment.

       

    • sro_302855's avatar
      sro_302855
      Icon for Nimbostratus rankNimbostratus

      In my case I just need a non secure DNS update but these option doesn't work, I have no DNS packet sent by f5.

       

  • kunjan's avatar
    kunjan
    Icon for Nimbostratus rankNimbostratus

    Have you tried the option 'Register this connection's addresses in DNS' under DNS/Hosts?

     

    • dirken's avatar
      dirken
      Icon for Nimbostratus rankNimbostratus

      Sure, but as there is no way to configure credentials, you must allow non-secure updates on the DNS server, which is a no-go in our environment.

       

    • sro_302855's avatar
      sro_302855
      Icon for Nimbostratus rankNimbostratus

      In my case I just need a non secure DNS update but these option doesn't work, I have no DNS packet sent by f5.

       

  • kunjan's avatar
    kunjan
    Icon for Nimbostratus rankNimbostratus

    Th dynamic DNS update is done by the Windows, APM just enables option in the RAS adapter.

     

    • JustinH's avatar
      JustinH
      Icon for Nimbostratus rankNimbostratus

      Is there anyway to get the solution to work with multiple partitions?

       

    • JustinH's avatar
      JustinH
      Icon for Nimbostratus rankNimbostratus

      Is there anyway to get the solution to work with multiple partitions?