DNS resolves wrong when vpn connects

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

remote clients connect to vpn fine. Ipconfig shows that the ras server dns is
correct. however if you ping our mail server it resolves to the outside dns
not internal. This only seems to happen when remote clients are getting a ip
address assigned remotely that is on our internal class. (ie client at remote
location using wireless gets ip address 192.168.0.40 and dns of that network
192.168.0.11 then clients establishes a vpn connection to our server and
recieves ip address for the vpn of 192.168.0.206 and dns server address
192.168.0.5) ipconfig /all shows all correctly but when client tries ping say
mail.myserver.com it is returning external dns ip instead of internal. Any
ideas would be greatly appreciated.
Thanks
 
hex2bin said:
remote clients connect to vpn fine. Ipconfig shows that the ras
server dns is correct. however if you ping our mail server it
resolves to the outside dns not internal. This only seems to happen
when remote clients are getting a ip address assigned remotely that
is on our internal class. (ie client at remote location using
wireless gets ip address 192.168.0.40 and dns of that network
192.168.0.11 then clients establishes a vpn connection to our server
and recieves ip address for the vpn of 192.168.0.206 and dns server
address 192.168.0.5) ipconfig /all shows all correctly but when
client tries ping say mail.myserver.com it is returning external dns
ip instead of internal. Any ideas would be greatly appreciated.
Thanks

The record is still in cache, or you client is still using the wrong DNS.
How do you connect to the VPN? Through another LAN connection or through a
dial up?
 
when this issue happens. The client is often using a remote wireless high
speed connection like at a hotel. If the hotel is assigning say 192.168.0.x
class ip then clients have the problem. If the hotel gives like a 10.16.x.x
then no problem. Only when the remote client gets a ip address that is on the
same class as our internal network 192.168.1.x 192.168.0.x if the remote
client gets a ip address of 192.168.8.x which we dont internally use the 8.x
class all works fine. but if they get an ip address that equals the same
class as our internal network the problem arises.
Thanks much
 
In
hex2bin said:
when this issue happens. The client is often using a remote wireless
high speed connection like at a hotel. If the hotel is assigning say
192.168.0.x class ip then clients have the problem. If the hotel
gives like a 10.16.x.x then no problem. Only when the remote client
gets a ip address that is on the same class as our internal network
192.168.1.x 192.168.0.x if the remote client gets a ip address of
192.168.8.x which we dont internally use the 8.x class all works
fine. but if they get an ip address that equals the same class as our
internal network the problem arises.
Thanks much

This is a common issue. You will have to change your company's internal IP
range to something other than 192.168.0.0/24 or 192.168.1.0/24.

Many routers that users purchase for home use come with either one of them
configured as default and companies with these ranges come across this
problem often. If your internal infrastructure is using one of those ranges,
expect problems.

Sorry to be the bearer of bad news.

--
Regards,
Ace

If this post is viewed at a non-Microsoft community website, and you were to
respond to it through that community's website, I may not see your reply.
Therefore, please direct all replies ONLY to the Microsoft public newsgroup
this thread originated in so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Infinite Diversities in Infinite Combinations.
=================================
 
A fellow named Gleo posted an MS KB article in another thread that seems to
have resolved this issue for me:

http://support.microsoft.com/default.aspx?scid=kb;en-us;311218

It involves a registry edit for the VPN client (remote user), but it seems
to work, correctly resolving the public DNS name to the internal IP when
VPNed and to the public IP when not VPNed.

I've also found that wherever the VPN client is, if they receive a public
DNS server as their local DNS (i.e. if the local DHCP is passing out a public
DNS server address) rather than the local gateway as the DNS address (ie.,
the DHCP passing out the internal IP address of the local router/WAP/cable
modem/whatever), then when one VPNs in things seem to resolve correctly. So
you can configure your home network to work, but I'm not sure if airports and
Starbucks and other hotspots pass out a public DNS server to their DHCP
clients or not.
 
In
JWM said:
A fellow named Gleo posted an MS KB article in another thread that
seems to have resolved this issue for me:

http://support.microsoft.com/default.aspx?scid=kb;en-us;311218

It involves a registry edit for the VPN client (remote user), but it
seems to work, correctly resolving the public DNS name to the
internal IP when VPNed and to the public IP when not VPNed.

I've also found that wherever the VPN client is, if they receive a
public DNS server as their local DNS (i.e. if the local DHCP is
passing out a public DNS server address) rather than the local
gateway as the DNS address (ie., the DHCP passing out the internal IP
address of the local router/WAP/cable modem/whatever), then when one
VPNs in things seem to resolve correctly. So you can configure your
home network to work, but I'm not sure if airports and Starbucks and
other hotspots pass out a public DNS server to their DHCP clients or
not.


Interesting article. Thanks for posting it. I honestly thought it was the IP
range because I've seen this prob with a few of my client machines that
someone chose a 192.168.0.0 or 192.168.1.0 range which interferes with
networks when you are using a VPN from a location using the same subnet.

Thanks for posting that!

Ace
 
Back
Top