We have a PIX firewall and Cisco VPN 3000 concentrator. We use Internet Authentication Service on an Internal Windows Server. DHCP addresses are provided by the Cisco 3000.
I changed the Domain Controller on our Network and everything works fine within our firewall. However when I VPN to that network I'm forced to authenticate to connect to our Exchange Server and Network Drives. I ran ipconfig on my remote computer and noticed that the DNS was still pointing the old Domain Controller which has been demoted. I connected to our 3000 and found the old DNS and WINS ip addresses under User Management. I changed the setting to the correct address, saved the settings and rebooted the 3000. I also verified that the DNS server under system setting was set correctly. However when I connect again the WINS address is correct but the old DNS is still being given out. The host file on the remote PC is empty. I can change the DNS setting on the Virtual adapter once I'm connected and I have no problem. Of course once I disconnect and reconnect the Virtual adapter picks up the old DNS setting. Could there be a setting on our PIX that is controlling this? Any ideas?