Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


WWW. and internal Windows Domain name

Posted on 2004-08-12
Medium Priority
Last Modified: 2010-05-18
I am having a great deal of problems recently in negotiating Exchange over a VPN.

I think I have discovered my problem however I need a solution to the problem.  The users within the company are using the Microsoft VPN to access there Exchange remotely.  I have noticed that some users are recieving the incorrect IP address of our exchange Server.  They are recieving our WWW IP address.  When the Domain was originally set up the Third party used the domain name "ADMYDOMAIN" and it appears on all computers as "computer.mydomain.com".  The problem is our www domain is also called "mydomain.com".  I have set LMHOST files to list our exchange server and imported them into the VPN (I have not imported the HOST files) .  We still have the same results. Random users at random times recieving the external address.  Are basic internet settings are dynamically set to attain IP and DNS.

Where would I set this to eliminate the poitential for the users getting the IP address from our WWW.  Or will I need to do the terrible job of creating a new domain internally?

Question by:Karabustech
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 15

Expert Comment

ID: 11784840

When the user establishes a VPN connection to the network, it needs to be allocated an internal IP address and DNS settings.

Make sure that your Routing & Remote access service is set to get IP addresses from your internal DHCP server (Server properties, IP tab)

Make sure that the DHCP scope is set up properly, with the correct DNS server address(es)

The DNS server IP should be set to the IP address of your internal DNS server.

Test the VPN connection again and check what DNS server address you've got  (with ipconfig /all)

Ping the exchange server by name - it should resolve the IP address correctly.

On a related note, do you have the exchange server name listed on both the internal and external DNS servers?

Let me know how you get on with it, and I'll see what else I can come up with.


Author Comment

ID: 11785645
Thanks for speedy response.

Make sure that your Routing & Remote access service is set to get IP addresses from your internal DHCP server (Server properties, IP tab)

-It is set correctly

Make sure that the DHCP scope is set up properly, with the correct DNS server address(es)

-This is set and both DNS server IP addresses show.  Under Properties General tab the folloing options are selected:
03 Router
06 DNS Server
044 WINS/NBNS Servers
046 WINS/NBT Node Type

Are any others required? like 069 SMTP or 015 DNS Domain Name

Our Exchange server should only be listed internally.  It should not be listed anywhere externally.  

I did notice that the dns entry for the exchange server is in all CAPS.  Is DNS case sensitive?  The server name is all CAPS when I check properties of the exchange server.  However I do see entries in reverse lookup that the FQDN is in lower case and also NS records in lower case.

There is also a entry listed for www. that matches the IP address users are recieving when trying to connect to exchange.

Tested VPN again and it worked on one system but not on a second system.

When I do a /displaydns on the system while attached to vpn the FQDN of exchange is displayed in lower case.

Hope some of this info can help you help me.

LVL 15

Expert Comment

ID: 11785827
Hi Neil

The DHCP scope sounds good to me.  I assume that 046 WINS/NBT type is set to 0x8 ?

"Our Exchange server should only be listed internally.  It should not be listed anywhere externally. " 
You said "should", so I suggest that you check your external DNS :-)

DNS is not case-sensitive.

You said that it works on one system but not on another.  Just to clarify, is it always certain VPN users that have the problem?

Also - how is the exchange server defined on the client PC?  Is this manually entered, or do you use profgen to set this up?

On a PC that has this problem, can you please do the following?

Look at the Exchange account setup (through control panel) - confirm that the name of the server is correct.
Use "nbtstat -c" to see what NetBIOS to IP mappings you've got.
Go to a command prompt and ping the server name - check what IP you get back

If you let me know the results of the above, it'll help greatly

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!


Author Comment

ID: 11786497

Yes WINS/NBT is 0x8

This is a random problem and cannot be nailed down to a single computer.  It clears it self up for several logins then the problem starts again.

Our clients are configured manually and check name is selected.

I did just run the NBstat on a system right after connecting to the VPN.  It was blank!

I then pinged the exchange server by name and it replied with a time between 100 - 150ms.  It did report the correct IP address also.

I ran nbtstat again and the exchange server appeared with the following info

Name: ex2000   <00> Type: Unique      Host ADD:   Life: 592 secs

I checked the display dns and it had the correct IP address listed and the correct name.  This time it did not list the external address.  But outlook displays that server is unavailable then prompts again for the Username,password and Domain.

This is why I am so lost to me it appears as if it should be working but the server.
LVL 15

Accepted Solution

scampgb earned 1500 total points
ID: 11792674

Can you please try the above over a few VPN sessions to check that you're getting consistent results?

If that's the case, then we've established the following:

The DNS lookup for the server IP is working correctly
The NetBIOS name lookup is working (that's what NBTSTAT tells us).
The exchange server can be contacted, and return responses to the pings

One other thing to test, when you're connected to the VPN and are unable to access Outlook: try connecting to the Exchange server by UNC name - ie \\EX2000

You mentioned to start off with that the VPN clients were being supplied with the external address of your webserver.  Is this still the case with the tests above?

I must admit, I'm intrigued by this now!


Author Comment

ID: 11854126
Hi Steve,

thanks for your help and not returning more information.

It was a client side DNS issue.  The domain prefix was active under computer name.  This caused for some reason our users return our www. IP address.  Some reason instead of remaining in our network it was tunneling back out to the internet to check the DNS  I think it was split tunneling from the client side.

This was fixed by removing the prefix and adding new HOSTS and reapplying the LMHOSTS.  Also flushing dns and reapplying.

All is working now.

Thanks for your help.  It lead me in the right direction.  
LVL 15

Expert Comment

ID: 11855273
Hi.  Sorry that I couldn't find THE answer for you (it sounds like a very odd setup!), but I'm glad I managed to help in some way.

All the best.

Featured Post

Looking for a new Web Host?

Lunarpages' assortment of hosting products and solutions ensure a perfect fit for anyone looking to get their vision or products to market. Our award winning customer support and 30-day money back guarantee show the pride we take in being the industry's premier MSP.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question