Re: VPN and DNS issues
- From: "Robert L. \(MS-MVP\)" <blinNoEmailplease@xxxxxxxx>
- Date: Tue, 19 Feb 2008 17:09:52 -0600
First of all, you should have your internal DNS in the VPN server and the VPN server assign the DNS to the client. Another option is setup WINS for name resolution. It is better to have WINS for VPN name resolution. If both internal DNS and WINS are not options for you, you can try mlhosts. I would not use my ISP host my A records. Or the following search results may help.
Name resolution on VPN
Name resolution is big issue in VPN access. If your VPN server doesn't setup correctly or the VPN client can't receive the VPN DNS and WINS settings, ...
www.chicagotech.net/nameresolutionpnvpn.htm - Similar pages
VPN name resolution and browsing
Q: VPN name resolution and browsing. After I successfully connect to the VPN Server remotely, I cannot browse the network, and see other computers and ...
www.chicagotech.net/Q&A/vpn1.htm
--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"Curtis" <Curtis@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:874028A1-6487-4982-845B-A70D3C8325B8@xxxxxxxxxxxxxxxx
My appologies if I am posting to the incorrect group, if I am please let me
know and I will repost to a more appropriate group.
We have a Microsoft VPN server that has been connected to a T1 for many
years now. Just recently it was switched to a new fiber connection from a
local ISP. After we switched the connection on the T1 we have been having
name resolution issues for our VPN clients. We have a 2003 Exchange server
that is accesible via the web and our internal network. When a VPN client
pings the Exchange server WHILE connected to the VPN it returns the public IP
instead of the private. No other changes have been made other than switching
the VPN server to the new ISP and updating the public DNS records for the VPN
connection. Currently the VPN server is running Windows Server 2003 SP1.
Example:
pinging s3.mydomain.net while connected to the VPN returns 65.x.x.x instead
of the correct 172.x.x.x internal address.
If a client sets their DNS servers to either the T1 or Fiber connections
default DNS servers, then the proper address is returned. However, for most
other clients, myself included, when using a default IP of the local
CABLE/DSL router it wants to return the public IP address.
A bit more info that may or may not be useful (I have replaced the actual
domain name with "mydomain"):
Current public dns records for our exchange server and VPN:
s3.mydomain.net CNAME to host155.mydomain.com resolves to Exchange server
public IP.
v1.mydomain.net CNAME to host7.mydomain.com resolves to VPN server public ip
address.
a reverse lookup of the exchange server public ip address returns
host155.mydomain.com
a reverse lookup of the VPN server public ip address returns
host7.mydomain.com.
mydomain.net is also our internal active directory name and we are using
split brain DNS.
We do not host our own public DNS servers.
No one is using vpn split tunneling.
the new ISP is a wide open connection that allows all traffic to pass with
no firewalls or filters between us and them.
If any further information is needed or anyone has any ideas for further
tests to run please feel free to ask.
Thank you!
.
- Follow-Ups:
- Re: VPN and DNS issues
- From: Curtis
- Re: VPN and DNS issues
- References:
- VPN and DNS issues
- From: Curtis
- VPN and DNS issues
- Prev by Date: Re: are 2 gateways allowed?
- Next by Date: Re: No Internet Access
- Previous by thread: VPN and DNS issues
- Next by thread: Re: VPN and DNS issues
- Index(es):
Relevant Pages
|
