Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

DNS prob with Win2K VPN

Posted on 2003-03-25
12
Medium Priority
?
447 Views
Last Modified: 2010-04-12
I'm setting up a simple PPTP VPN using RAS.  
Very simple TCP/IP network running DHCP, DNS.
Network setup:  Internet -> VPN Svr -> Linksys Router -> Intranet
Clients connect fine.  IP, Default Gateway fine.

However, The DNS Server IPs appear twice! (not sure if this is causing my trouble)
  192.168.1.15
  192.168.1.11
  192.168.1.11
  192.168.1.15

When connected to the VPN, I can ping the DNS servers fine, but when I try to resolve a computer name, the external DNS servers are used instead of the internal ones.  So attempting something like "\\computer1" does not work, but "\\192.168.1.52" does.  Typing "nslookup computer1 192.168.1.11" WILL work since it uses the correct DNS server.  Also, the computers will not appear in Network Neighborhood, but I am assuming that has to do with my DNS problem.

P L E A S E   H E L P !
0
Comment
Question by:russ138
  • 6
  • 6
12 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 390 total points
ID: 8212803
What is the client's home LAN IP address? The same 192.168.1.x? Since this is the current default of SO Many soho lans, any business type lan behind one of these routers should be changed to something else, i.e. in the upper range of the available addresses like 192.168.225.x
Example, if the remote user is also behind a Linksys or other router that uses 192.168.1.1 as the gateway/dns server, then that is prefered over your DNS server because it is local and on the same LAN as far as the PC knows.
0
 

Author Comment

by:russ138
ID: 8213004
Thanks for helping Irmoore,

The Client's computer we're using for the VPN testing has a PUBLIC IP and DNS information from Comcast (our ISP).

BTW:  Is your name with an "I(i)" or an "l(L)"?  With the font they use, the two look the same.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8213283
it's l=L - thanks!

Doe the client setup have the check in the box "use default gateway on remote network" checked in the Networking/TCP/IP properties of the VPN dialer?

0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
LVL 79

Expert Comment

by:lrmoore
ID: 8213346
it's l=L - thanks!

Doe the client setup have the check in the box "use default gateway on remote network" checked in the Networking/TCP/IP properties of the VPN dialer?

0
 

Author Comment

by:russ138
ID: 8213732
I've tried the "use default gateway on remote network" checked AND unchecked.  It won't get the default gateway from the remote network when unchecked, but the dns entries still come and they are still double.

Also, if I do a bunch of quick "ipconfig /all" as soon as I connect through the VPN, ONLY the first two DNS are there.  Then, about 5 seconds after the VPN connect, the second set of identical DNS appear.
0
 

Author Comment

by:russ138
ID: 8213749
Mmmm, not sure if I made that perfectly clear...

Whether checked or not, two sets of our DNS servers appear and remote network computer names try to resolve with the primary Internet connection's DNS; NOT the VPN's DNS.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8213981
Can you post results of the ipconfig /all both before, and after the VPN is established, and also results of "route print" both before and after. What OS is on the client box?
Does the VPN terminate on a Win2K server?

Here's a troublshooting guide that might help
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/columns/tips/15tipsfo.asp
0
 

Author Comment

by:russ138
ID: 8214265
Yes, The VPN terminates on a Win2K server.  The client machine is W2K also.  I noticed when grabbing the information below that when connected to the VPN, my Default Gateway is my computer's VPN IP.  Is that right?

Hopefully the cut & paste looks nice when posted because it looks terrible right now.



This is the IPCONFIG /all and Route Print BEFORE VPN connection:
-----------------------------------------------------------
Windows 2000 IP Configuration
        Host Name . . . . . . . . . . . . : russ138
        Primary DNS Suffix  . . . . . . . : dqs.us
        Node Type . . . . . . . . . . . . : Mixed
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : dqs.us
                           nrockv01.md.comcast.net

Ethernet adapter DQS LAN:
        Connection-specific DNS Suffix  . : nrockv01.md.comcast.net
        Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
        Physical Address. . . . . . . . . : 00-06-5B-C5-12-87
        DHCP Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 68.50.219.101
        Subnet Mask . . . . . . . . . . . : 255.255.248.0
        Default Gateway . . . . . . . . . : 68.50.216.1
        DHCP Server . . . . . . . . . . . : 172.30.100.36
        DNS Servers . . . . . . . . . . . : 68.48.0.6
                                            68.48.0.5
        Lease Obtained. . . . . . . . . . : Wednesday, March 26, 2003 4:58:43 PM
        Lease Expires . . . . . . . . . . : Monday, September 22, 2003 5:58:43 PM

Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      68.50.216.1   68.50.219.101       1
      68.50.216.0    255.255.248.0    68.50.219.101   68.50.219.101       1
    68.50.219.101  255.255.255.255        127.0.0.1       127.0.0.1       1
   68.255.255.255  255.255.255.255    68.50.219.101   68.50.219.101       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
        224.0.0.0        224.0.0.0    68.50.219.101   68.50.219.101       1
  255.255.255.255  255.255.255.255    68.50.219.101   68.50.219.101       1
Default Gateway:       68.50.216.1


This is the IPCONFIG /all and Route Print AFTER VPN connection:
-----------------------------------------------------
Only difference is the VPN connection is added as follows:

PPP adapter DQS VPN:
        Connection-specific DNS Suffix  . : dqs.us
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.1.109
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 192.168.1.109
        DNS Servers . . . . . . . . . . . : 192.168.1.15
                                            192.168.1.11
                                            192.168.1.11
                                            192.168.1.15

Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      68.50.216.1   68.50.219.101       2
          0.0.0.0          0.0.0.0    192.168.1.109   192.168.1.109       1
      68.50.216.0    255.255.248.0    68.50.219.101   68.50.219.101       1
    68.50.219.101  255.255.255.255        127.0.0.1       127.0.0.1       1
    68.50.222.141  255.255.255.255    68.50.219.101   68.50.219.101       1
   68.255.255.255  255.255.255.255    68.50.219.101   68.50.219.101       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
    192.168.1.109  255.255.255.255        127.0.0.1       127.0.0.1       1
    192.168.1.255  255.255.255.255    192.168.1.109   192.168.1.109       1
        224.0.0.0        224.0.0.0    68.50.219.101   68.50.219.101       1
        224.0.0.0        224.0.0.0    192.168.1.109   192.168.1.109       1
  255.255.255.255  255.255.255.255    68.50.219.101   68.50.219.101       1
Default Gateway:     192.168.1.109
0
 

Author Comment

by:russ138
ID: 8214331
Yes, The VPN terminates on a Win2K server.  The client machine is W2K also.  I noticed when grabbing the information below that when connected to the VPN, my Default Gateway is my computer's VPN IP.  Is that right?

Hopefully the cut & paste looks nice when posted because it looks terrible right now.



This is the IPCONFIG /all and Route Print BEFORE VPN connection:
-----------------------------------------------------------
Windows 2000 IP Configuration
        Host Name . . . . . . . . . . . . : russ138
        Primary DNS Suffix  . . . . . . . : dqs.us
        Node Type . . . . . . . . . . . . : Mixed
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : dqs.us
                           nrockv01.md.comcast.net

Ethernet adapter DQS LAN:
        Connection-specific DNS Suffix  . : nrockv01.md.comcast.net
        Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
        Physical Address. . . . . . . . . : 00-06-5B-C5-12-87
        DHCP Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 68.50.219.101
        Subnet Mask . . . . . . . . . . . : 255.255.248.0
        Default Gateway . . . . . . . . . : 68.50.216.1
        DHCP Server . . . . . . . . . . . : 172.30.100.36
        DNS Servers . . . . . . . . . . . : 68.48.0.6
                                            68.48.0.5
        Lease Obtained. . . . . . . . . . : Wednesday, March 26, 2003 4:58:43 PM
        Lease Expires . . . . . . . . . . : Monday, September 22, 2003 5:58:43 PM

Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      68.50.216.1   68.50.219.101       1
      68.50.216.0    255.255.248.0    68.50.219.101   68.50.219.101       1
    68.50.219.101  255.255.255.255        127.0.0.1       127.0.0.1       1
   68.255.255.255  255.255.255.255    68.50.219.101   68.50.219.101       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
        224.0.0.0        224.0.0.0    68.50.219.101   68.50.219.101       1
  255.255.255.255  255.255.255.255    68.50.219.101   68.50.219.101       1
Default Gateway:       68.50.216.1


This is the IPCONFIG /all and Route Print AFTER VPN connection:
-----------------------------------------------------
Only difference is the VPN connection is added as follows:

PPP adapter DQS VPN:
        Connection-specific DNS Suffix  . : dqs.us
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.1.109
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 192.168.1.109
        DNS Servers . . . . . . . . . . . : 192.168.1.15
                                            192.168.1.11
                                            192.168.1.11
                                            192.168.1.15

Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      68.50.216.1   68.50.219.101       2
          0.0.0.0          0.0.0.0    192.168.1.109   192.168.1.109       1
      68.50.216.0    255.255.248.0    68.50.219.101   68.50.219.101       1
    68.50.219.101  255.255.255.255        127.0.0.1       127.0.0.1       1
    68.50.222.141  255.255.255.255    68.50.219.101   68.50.219.101       1
   68.255.255.255  255.255.255.255    68.50.219.101   68.50.219.101       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
    192.168.1.109  255.255.255.255        127.0.0.1       127.0.0.1       1
    192.168.1.255  255.255.255.255    192.168.1.109   192.168.1.109       1
        224.0.0.0        224.0.0.0    68.50.219.101   68.50.219.101       1
        224.0.0.0        224.0.0.0    192.168.1.109   192.168.1.109       1
  255.255.255.255  255.255.255.255    68.50.219.101   68.50.219.101       1
Default Gateway:     192.168.1.109
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8721897
G'day, russ138,
There has not been any activity on this question in a while (79 days).
Are you still working on this and need more information?
Or, can you go ahead and close it out?

Thanks!
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 8850801
G'day, russ138, there has not been any activity on this question in a while.
Do you still need assistance, need more information, or have you solved your problem? Can you close
out this question?
0
 

Author Comment

by:russ138
ID: 8869435
lrmoore, I was able to fix the problem myself.  I forget what I did since it was a while ago.

I'll still give you the points for spending your time and trying to help.  You're first answer MAY have fixed the issue.

Thanks again.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question