external vpn clients connect but dns is resolving with external dn

[Guest]

remote clients connect to vpn fine. Ipconfig shows that the ras server dns is
correct. however if you ping our mail server it resolves to the outside dns
not internal. This only seems to happen when remote clients are getting a ip
address assigned remotely that is on our internal class. (ie client at remote
location using wireless gets ip address 192.168.0.40 and dns of that network
192.168.0.11 then clients establishes a vpn connection to our server and
recieves ip address for the vpn of 192.168.0.206 and dns server address
192.168.0.5) ipconfig /all shows all correctly but when client tries ping say
mail.myserver.com it is returning external dns ip instead of internal. Any
ideas would be greatly appreciated.
Thanks

 

[Robert L [MS-MVP]]

Can the VPN client ping the DNS server? can it ping the mail server by ip?

Bob Lin, MS-MVP, MCSE & CNE
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
remote clients connect to vpn fine. Ipconfig shows that the ras server dns is
correct. however if you ping our mail server it resolves to the outside dns
not internal. This only seems to happen when remote clients are getting a ip
address assigned remotely that is on our internal class. (ie client at remote
location using wireless gets ip address 192.168.0.40 and dns of that network
192.168.0.11 then clients establishes a vpn connection to our server and
recieves ip address for the vpn of 192.168.0.206 and dns server address
192.168.0.5) ipconfig /all shows all correctly but when client tries ping say
mail.myserver.com it is returning external dns ip instead of internal. Any
ideas would be greatly appreciated.
Thanks

 

[Guest]

Yes you can ping the dns server and the mail server by ip.

 

[Robert L [MS-MVP]]

how about the name?

Bob Lin, MS-MVP, MCSE & CNE
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
Yes you can ping the dns server and the mail server by ip.

 

[Guest]

A fellow named Gleo posted an MS KB article in another thread that seems to
have resolved the issue for me:

http://support.microsoft.com/default.aspx?scid=kb;en-us;311218

It involves a registry edit for the VPN client (remote user), but it seems
to work, correctly resolving the public DNS name to the internal IP when
VPNed and to the public IP when not VPNed.

I've also found that wherever the VPN client is, if they receive a public
DNS server as their local DNS (i.e. if the local DHCP is passing out a public
DNS server address) rather than the local gateway as the DNS address (ie.,
the DHCP passing out the internal IP address of the local router/WAP/cable
modem/whatever), then when one VPNs in things seem to resolve correctly. So
you can configure your home network to work, but I'm not sure if airports and
Starbucks and other hotspots pass out a public DNS server to their DHCP
clients or not.

JWM