Re: DNS not resolving correctly on VPN

---

• From: "Ace Fekay [MVP]" <PleaseSubstituteMyActualFirstName&LastNameHere@xxxxxxxxxxx>
• Date: Thu, 11 Aug 2005 22:51:47 -0400

---

In news:C645C57C-3058-4590-A9DD-F827A79B8465@xxxxxxxxxxxxx,
Plantguy <Plantguy@xxxxxxxxxxxxxxxxxxxxxxxxx> made this post, which I then
commented about below:
> Some users have been unable to send messages because the machine,
> running xp or 2000, resolves to the wrong ip address
> Our remote users dial into our vpn server and they are able to access
> all of our resources. For email purposes, they have to log in to vpn
> to send messages because our 3rd party message scanner only accepts
> connections from our public ip address, nothing else.
>
> Now, on some machines, if I type ping smtp.myserver.com, I get our
> public ip address instead of our internal mail server address, which
> causes Outlook to error out when sending. it's only a hand full and
> the workaround is to use the ip address instead of the fqdn. Why is
> this happening?
>
> I tried flushing the cache, reboot the machine, reconnect via vpn.
> What would it fix this?
>
> Thanks a lot for any suggestions
> Elliott
> ===============================
> Elliott Bujan
> Initial Tropical Plants - USA

If you're getting the public IP on *some* of the machines, it's telling me
you have your machines configured with a public DNS server and your internal
DNS server. Assuming you have Active Directory, this is a huge mistake. You
must only use the internal DNS on ALL machines in the AD domain. I'm
surprised there aren't any other issues occuring due to this. Make sure all
machines only use the internal DNS. Check DHCP Option 006 to make sure it
only shows the internal DNS. When connecting thru a VPN, I'm sure your DHCP
is supplying the VPN user's IP configuration, including the DNS addresses.
As long as you have it set to use the internal DNS, there shouldn't be a
problem.

As for the first paragraph, can I assume you are using Exchange? Why not let
the users use the OWA from the Internet side? But what I'm assuming based on
your post, that you are using either OUtlook Express or an Outlook MAPI
client set for POP3 or IMAP4 and using SMTP to send mail to the mail server.
Is that true? If not, please elaborate on your mail configuration to better
understand your setup.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Infinite Diversities in Infinite Combinations.
=================================






.

---

• Follow-Ups:
  • Re: DNS not resolving correctly on VPN
    • From: Plantguy

• References:
  • DNS not resolving correctly on VPN
    • From: Plantguy

• Prev by Date: Re: Configuring DNS for new exchange server.
• Next by Date: Re: NSLOOKUP
• Previous by thread: DNS not resolving correctly on VPN
• Next by thread: Re: DNS not resolving correctly on VPN
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Vista, SBS 2003 and RAS not working ... We have a windows SBS 2003 server – straight out of the box, ... The VPN connection between your computer and the VPN server could not ... You mention that the clients are Vista machines, which means that their built-in firewall works on outgoing messages as well as incoming ones, and the firewall needs to be told that outgoing PPTP VPN connections should be allowed. ... Computers don't need to be joined to the domain to connect by VPN, by the way, so you can use other remote computers for testing, it's just that only domain machines get access to all network resources easily. ... (microsoft.public.windows.server.sbs) Re: Windows Server 2003 / XP Pro: Workgroup Woes ... Networking, Internet, Routing, VPN Troubleshooting on ... I'm new to the Windows Server world. ... server via the office workgroup. ... expected from all machines on the workgroup. ... (microsoft.public.windows.server.networking) Re: Unable to access private network from the VPN (NAT) ... I have the VPN setup with one network ... However they can't access any of the machines on the network. ... > the remotes and forwards traffic on to LAN machines. ... > the server does proxy ARP for the clients, gets the packet and forwards it ... (microsoft.public.win2000.ras_routing) ppp over ssh problem ... I want to set up a ppp over ssh link between two freebsd 5.4 machines ... - In the authorized_keys file, on the server side, I added the following ... the vpn account is configured using sudo to run ppp without requiring ... - when I run ppp -auto vpn on the client machine, ... (comp.unix.bsd.freebsd.misc) Re: Can only ping VPN server; NAT malfunction? ... The problem is probably the default gateway setting on the LAN machines. ... If they point to the firewall, that is where the traffic for the remotes ... It will never get to the RRAS server. ... I can dial in successfully and get a VPN connection. ... (microsoft.public.windows.server.networking)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)