I’m working on decentralizing one of our offices and need to end up with a cohesive network at the other end of our migration. So far, it seems like an IPSec / EoIP Tunnel does everything I need it to. I’ve got three networks, 87.0/24, 88.0/24, and 89.0/24. All of my business servers will live in the 89 network. Remote offices will sit behind 88 and 87. I’ve established the EoIP Tunnels (two for each box, one to either other endpoint) and I’ve created IPSec Policies and Peers for each of them. As far as I can tell, that is all set up and working correctly. I can bring up the tunnels from either end of any connection and traffic seems to move as expected.
My next goal (if it’s possible) is to get all of the name resolution to work no matter where a user happens to plug into my network. We’ve got an AD Domain that I can use if I need to for DNS / WINS, but I figured I’d check and see if there was some configuration in ROS that would get me where I needed to be. I’m not sure what information is best to provide you with, or if someone can just suggest configurations / reading material that I can review.
I think my question is “how can I have devices in my 88 network forward their hostnames to my 89 and 87 networks so that a user typing ‘ping servername’ from the 87 network gets a reply from the computer in the 88 network”. Is that even a reasonable request? I know I can do things like add 89.1 to the list of DNS Servers on the 88 and 87 networks, but I don’t really want all of my DNS to have to deal with the tunnel.
Thanks in advance, and let me know what configuration of mine would be helpful to see.