• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 863
  • Last Modified:

Cisco PPTP change default DNS server

I have been working on a  cisco 3005 for our sales users ( still in testing phase).  I have IPSEC working GREAT, I can browse, ping IPS, ping hostnames, perform Nslookups on domain no problem....   I also have a PPTP group configured in case my sales peeps can not get IPSEC to work on the road.....I can ping IPs and hostnames but when I use Nslookup it defaults to my routes DNS server and DNS queries fail.......any ideas and what are my options?  

fyi-  cisco IPSEC connects with Cisco client
PPTP connects with built in XP client....
1 Solution
Make sure you have this line in your PPTP config:
vpngroup pptpgroupname dns-server

The other option is to have your clients fill in the DNS server option when they are connecting.
scotto2003Author Commented:
I added the DNS servers on the General tab of the PPTP group and it didn't work.  This seems to be an XP issue because I have the DNS servers listed on the concentrator,  I have the TCPIP advanced properties of DNS and WINS set correctly and the laptop is getting an IP from my DHCP server which has the correct DNS info....  but the Nslookup queries are defaulting to the IP and config info from my router.   Use default gateway on remote network is checked as well.    If I do a tracert to www.dell.com it will go through the local IP of the Concentrator....

route print is showing default gateway as IP that dhcp server is handing to PPTP....  
scotto2003Author Commented:
everything seems to be working OK... wondering if it will cause problems since active directory leans so heavily on DNS
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Did you try modifying the connection in the Cisco VPN client - select Transport and check/uncheck the "allow local LAN access" box.

Not sure if this is even in the right ball park actually, just in case tho.. ;o)

good luck
scotto2003Author Commented:
The Cisco client only handles the IPSEC connection.... it's working great.   I have the PPTP working with the microsoft client....thanks tho...
scotto2003Author Commented:
Fixed myself-  please close question

Under Configuration | System | Servers | Authentication ... I had a kerberos server listed first.... and even though my group
properties did not list that server the VPN concentrator was still try to validate a PPTP connection with Active Directory... which
it can't....

Glad to hear you got it working.
You will need to post in support that you want this question closed & refunded.

Closed, 250 points refunded.
Friendly Neighbourhood Community Support Admin

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now