• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 259
  • Last Modified:

Changed DNS on our Windows Network but when I VPN in I still get the old DNS

We have a PIX firewall and Cisco VPN 3000 concentrator.  We use Internet Authentication Service on an Internal Windows Server.  DHCP addresses are provided by the Cisco 3000.
I changed the Domain Controller on our Network and everything works fine within our firewall.  However when I VPN to that network I'm forced to authenticate to connect to our Exchange Server and Network Drives.   I ran ipconfig on my remote computer and noticed that the DNS was still pointing the old Domain Controller which has been demoted.  I connected to our 3000 and found the old DNS and WINS ip addresses under User Management.  I changed the setting to the correct address, saved the settings and rebooted the 3000.  I also verified that the DNS server under system setting was set correctly.  However when I connect again the WINS address is correct but the old DNS is still being given out.  The host file on the remote PC is empty.  I can change the DNS setting on the Virtual adapter once I'm connected and I have no problem.  Of course once I disconnect and reconnect the Virtual adapter picks up the old DNS setting.  Could there be a setting on our PIX that is controlling this?  Any ideas?  
0
lwrogers
Asked:
lwrogers
1 Solution
 
plemieux72Commented:
I am not sure on the 3000 but on the PIX, use the following example command to reassign the VPN clients new DNS server addresses:
vpngroup yourgroupname dns-server 192.168.1.2 192.168.1.3
0
 
lwrogersAuthor Commented:
I found the problem!  In the Cisco 3000 there is a base group and then specific groups that can be created.  Each specific group can have it's own dns settings which may or may not be inherited from the base group.  In my case it was setup to inherit the second dns and wins setting from the base group but not the primary dns.  So the primary dns was incorrect on the specific group.  Once corrected dns is now assigned correctly on incoming VPN sessions.  Case Closed!
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now