• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 188
  • Last Modified:

external IP's resolving instead of internal for VPN clients

I have the same problem at a number of clients and the same problem as others at Experts Exchange which have not got a solution.  VPN is working with simple pptp. I can browse etc.  
NSLOOKUP shows ISP DNS servers before Internal DNS servers for the clients; that looks wrong to me.  
IPconfig /all shows properly for WINS and DNS all showing internal IPs.
DNS works properly within the network for everyone internal.  Exchange is at abc.def.com internally at and our ISP has an identical host name abc.def.com registered for an external address of xxx.yyy.zzz.aaa which also works for VPN connection.  The only time it doesn't work is after a vpn client accesses the local network for exchange and gets blocked because he gets the external ip for the host name.  I tried lmhosts lookup in the VPN networking advanced properties and also unclicking the "use default gateway on remote network" I put static entry's for DNS and WINS which did help for some things but not this.

  • 2
  • 2
1 Solution
Hi peterrhughes,

I would suggest statically setting the DNS on the clients that roam outside the LAN.  I would set the Primary DNS to the internal, Active Directory DNS server address and set the Secondary DNS to a know external DNS server, like ISP's DNS server.  This will allow the client to always resolve based on the internal DNS server if it can, and only use the external DNS server when it can't reach the internal DNS server.

Hope this helps,
peterrhughesAuthor Commented:
Good idea, I will try it now.
peterrhughesAuthor Commented:
holy smokes you can't immmmagine how exciting this is.
Award this guy Alan 1000 points for answering my question and one just like it on the featured VPN questions that was sort of abandoned without a correct solution.  It was and internal external DNS question just like mine.

Beauty out to you buddy from Canada!

I didn't think the failover in DNS actually worked that well.
What an eligant answer getting something to fail when not being able to correctly configure something they way we should be able to.

I am happy happy happy.  And the answer came quick to.

Thanks Alan.  
You are most welcome.  Glad it solved your problem.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now