Cisco VPN Client 4.8 kills DNS

  • Thread starter Thread starter parava
  • Start date Start date
P

parava

We just migrated into a new Windows 2003 server. For work reasons we
need to connect to an outside server through a cisco VPN client. The
problem is when we are connected, we can no longer resolve DNS
queries. We can ping any IP address fine, we just cannot resolve any
domain name.

When we disconnect the VPN, everything works fine.

We used to run Windows 2000 server and Cisco VPN client 4.3 any did
not have this issue.

Does anyone know how to solve this?

Thank you.
 
parava said:
We just migrated into a new Windows 2003 server. For work reasons we
need to connect to an outside server through a cisco VPN client. The
problem is when we are connected, we can no longer resolve DNS
queries. We can ping any IP address fine, we just cannot resolve any
domain name.

When we disconnect the VPN, everything works fine.

We used to run Windows 2000 server and Cisco VPN client 4.3 any did
not have this issue.

Does anyone know how to solve this?

Thank you.
Click to expand...
You can't resolve ANY DNS? Or just your internal names? By "migrated
into a new Windows 2003 server", I assume you mean an Active Directory
(domain). Can you ping your DNS server? If so, I'll bet you have an
alternate DNS server listed for the VPN connection that is overriding
your local lookups. Do the following:

Make sure the VPN is not connected and, from the command line, type
these commands

"ipconfig /all > c:\post1.txt"
"route print >> c:\post1.txt

Then connect the VPN and type these commands

"ipconfig /all > c:\post2.txt"
"route print >> c:\post2.txt

Then open the two files "post1.txt" and "post2.txt", copy and paste the
contents of each into your next post.

....kurt
 
I know that the cisco VPN tunnel fully encapsulates the primary TCP/IP
connection. You will notice when the VPN connection is established
nothing can get to the primary IP. To work arround this, assign a
secondary IP address to the network adapter and have all server
functions listen on that IP such as DNS, IIS, etc.

I have used it like that for 3 years now with no issues.

-Steve
 
Back
Top