I am a programmer, but I know enough about network and server configs to be slightly dangerous when it comes to configurations.
My task today was to try to setup VPN access at our office. We have a 2012R2 standard server that was not doing anything (not even on), so I decided it would be the perfect machine for the job.
To make this as short as possible, we are a real small office, 3 guys. We have a high end (although consumer grade) router that is not a VPN end point, but does support VPN tunneling through its firewall. Router is DHCP server, however most workstations and servers in the office are setup with statics.
I got everything to work (pats self on back) to allow me to create a new VPN connection from an outside Windows client machine, and everything worked as I wanted it to, except for machine name resolution. I understand this is due to limitations in NetBIOS and how that all works. I found an article about setting up a WINS server, and once I did that, it resolved my issue and I was able to connect to shares or RDP to machines by name instead of by local IP address.
So I came here to ask this:
1) The WINS server method required me to manually add each machine/IP I wanted to register. I am not sure why this is, but I am thinking it has to do with the server not acting as the DHCP/DNS server (or maybe this is just how WINS works?). This isn't a HUGE deal, but it would be nice if I didn't have to manually manage this list. If Windows clients on the local network here can broadcast and see all available network machines, why can't the WINS server make the same network crawl automatically?
2) In reading about the WINS server, most people said it was a relic and one should use DNS instead. I am looking for more information on this, to see if this is something I should consider or worry about.
3) Would I make my life easier if I made the 2012 server both DHCP and DNS server and removed those tasks from the router?
A side note if it matters, we are NOT on a domain here, just a loose set of workgroup machines. We find that setting up a whole DC and adding all these machines and accounts to a domain is counter productive for us, because we are such a small shop here, with nothing to restrict from each other, and we find that adding a domain into the picture complicates things more than it simplifies things. Of course unless someone can make a case why we should just move to being on a DC.
Matt Kleinwaks - MSMVP MSDN Forums Moderator - www.zerosandtheone.com