WWW. and internal Windows Domain name

Posted on 2004-08-12
Last Modified: 2010-05-18
I am having a great deal of problems recently in negotiating Exchange over a VPN.

I think I have discovered my problem however I need a solution to the problem.  The users within the company are using the Microsoft VPN to access there Exchange remotely.  I have noticed that some users are recieving the incorrect IP address of our exchange Server.  They are recieving our WWW IP address.  When the Domain was originally set up the Third party used the domain name "ADMYDOMAIN" and it appears on all computers as "".  The problem is our www domain is also called "".  I have set LMHOST files to list our exchange server and imported them into the VPN (I have not imported the HOST files) .  We still have the same results. Random users at random times recieving the external address.  Are basic internet settings are dynamically set to attain IP and DNS.

Where would I set this to eliminate the poitential for the users getting the IP address from our WWW.  Or will I need to do the terrible job of creating a new domain internally?

Question by:Karabustech
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 15

Expert Comment

ID: 11784840

When the user establishes a VPN connection to the network, it needs to be allocated an internal IP address and DNS settings.

Make sure that your Routing & Remote access service is set to get IP addresses from your internal DHCP server (Server properties, IP tab)

Make sure that the DHCP scope is set up properly, with the correct DNS server address(es)

The DNS server IP should be set to the IP address of your internal DNS server.

Test the VPN connection again and check what DNS server address you've got  (with ipconfig /all)

Ping the exchange server by name - it should resolve the IP address correctly.

On a related note, do you have the exchange server name listed on both the internal and external DNS servers?

Let me know how you get on with it, and I'll see what else I can come up with.


Author Comment

ID: 11785645
Thanks for speedy response.

Make sure that your Routing & Remote access service is set to get IP addresses from your internal DHCP server (Server properties, IP tab)

-It is set correctly

Make sure that the DHCP scope is set up properly, with the correct DNS server address(es)

-This is set and both DNS server IP addresses show.  Under Properties General tab the folloing options are selected:
03 Router
06 DNS Server
044 WINS/NBNS Servers
046 WINS/NBT Node Type

Are any others required? like 069 SMTP or 015 DNS Domain Name

Our Exchange server should only be listed internally.  It should not be listed anywhere externally.  

I did notice that the dns entry for the exchange server is in all CAPS.  Is DNS case sensitive?  The server name is all CAPS when I check properties of the exchange server.  However I do see entries in reverse lookup that the FQDN is in lower case and also NS records in lower case.

There is also a entry listed for www. that matches the IP address users are recieving when trying to connect to exchange.

Tested VPN again and it worked on one system but not on a second system.

When I do a /displaydns on the system while attached to vpn the FQDN of exchange is displayed in lower case.

Hope some of this info can help you help me.

LVL 15

Expert Comment

ID: 11785827
Hi Neil

The DHCP scope sounds good to me.  I assume that 046 WINS/NBT type is set to 0x8 ?

"Our Exchange server should only be listed internally.  It should not be listed anywhere externally. " 
You said "should", so I suggest that you check your external DNS :-)

DNS is not case-sensitive.

You said that it works on one system but not on another.  Just to clarify, is it always certain VPN users that have the problem?

Also - how is the exchange server defined on the client PC?  Is this manually entered, or do you use profgen to set this up?

On a PC that has this problem, can you please do the following?

Look at the Exchange account setup (through control panel) - confirm that the name of the server is correct.
Use "nbtstat -c" to see what NetBIOS to IP mappings you've got.
Go to a command prompt and ping the server name - check what IP you get back

If you let me know the results of the above, it'll help greatly

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.


Author Comment

ID: 11786497

Yes WINS/NBT is 0x8

This is a random problem and cannot be nailed down to a single computer.  It clears it self up for several logins then the problem starts again.

Our clients are configured manually and check name is selected.

I did just run the NBstat on a system right after connecting to the VPN.  It was blank!

I then pinged the exchange server by name and it replied with a time between 100 - 150ms.  It did report the correct IP address also.

I ran nbtstat again and the exchange server appeared with the following info

Name: ex2000   <00> Type: Unique      Host ADD:   Life: 592 secs

I checked the display dns and it had the correct IP address listed and the correct name.  This time it did not list the external address.  But outlook displays that server is unavailable then prompts again for the Username,password and Domain.

This is why I am so lost to me it appears as if it should be working but the server.
LVL 15

Accepted Solution

scampgb earned 500 total points
ID: 11792674

Can you please try the above over a few VPN sessions to check that you're getting consistent results?

If that's the case, then we've established the following:

The DNS lookup for the server IP is working correctly
The NetBIOS name lookup is working (that's what NBTSTAT tells us).
The exchange server can be contacted, and return responses to the pings

One other thing to test, when you're connected to the VPN and are unable to access Outlook: try connecting to the Exchange server by UNC name - ie \\EX2000

You mentioned to start off with that the VPN clients were being supplied with the external address of your webserver.  Is this still the case with the tests above?

I must admit, I'm intrigued by this now!


Author Comment

ID: 11854126
Hi Steve,

thanks for your help and not returning more information.

It was a client side DNS issue.  The domain prefix was active under computer name.  This caused for some reason our users return our www. IP address.  Some reason instead of remaining in our network it was tunneling back out to the internet to check the DNS  I think it was split tunneling from the client side.

This was fixed by removing the prefix and adding new HOSTS and reapplying the LMHOSTS.  Also flushing dns and reapplying.

All is working now.

Thanks for your help.  It lead me in the right direction.  
LVL 15

Expert Comment

ID: 11855273
Hi.  Sorry that I couldn't find THE answer for you (it sounds like a very odd setup!), but I'm glad I managed to help in some way.

All the best.

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SSL-VPN 1 47
Application timeout 4 41
Exchange 2016 - not receiving mail 17 41
VMware:  Virtual switches and multiple NICs 9 46
Let’s list some of the technologies that enable smooth teleworking. 
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Internet Business Fax to Email Made Easy - With  eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question