?
Solved

vpn fails to resolve remote DNS

Posted on 2007-11-15
8
Medium Priority
?
764 Views
Last Modified: 2008-02-01
I have a Windows 2003 server behind a linksys WRVS4400N firewall.  I have the latest firmware update and it allows GRE packets through on port 1723.  I can create a VPN connection just fine to the 2003 server.

However when I try to get any mapped drives, or resolve any hosts, it fails using the remote DNS.
example, to get to the NAS machine, internal users go to \\nas and in this case the only way to get to it is by IP \\192.168.4.20

DNS resolves internally properly, but NSLookup fails when used from the outside.  This is happening on all of the VPN clients I have.  I have setup more than 30 VPN sites and it is only in the last few weeks that this has started happening.  Using LMHosts is not a viable answer.
0
Comment
Question by:AJRenck
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 12

Expert Comment

by:bhnmi
ID: 20289678
how bout if you use the FQDN of the server when doing the lookup? Also, why is editing the host file not an option?
0
 

Author Comment

by:AJRenck
ID: 20289871
too many machines will be using these machines.  In total over 20 sites it is over 1000 computers that will be VPN'ing in.

Yes, if I use the FQDN it would work for the most part I believe.  I will have to double check.
0
 
LVL 29

Expert Comment

by:Michael Worsham
ID: 20289960
Please post your ipconfig /all configuration when you are connected to the remote site via VPN. Perhaps its not picking up the remote DNS server when the IP address is assigned.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 32

Expert Comment

by:dpk_wal
ID: 20290219
Have you tried adding DNS suffic in the VPN adapter TCP/IP settings; if you are able to ping the remote resources when using FQDN I think with the dns suffix added the things should start rolling.

Thank you.
0
 

Author Comment

by:AJRenck
ID: 20294855
PPP adapter neoptx3:

        Connection-specific DNS Suffix  . : vsi.com
        Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
        Physical Address. . . . . . . . . : 00-53-45-00-00-00
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.1.1.160
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 192.1.1.160
        DNS Servers . . . . . . . . . . . : 192.1.1.64
                                            192.1.1.64
        Primary WINS Server . . . . . . . : 192.1.1.64
        Secondary WINS Server . . . . . . : 192.1.1.64

Now I can get to the machine via DNS, but it will not accept a valid user/pass for getting to machines.
0
 
LVL 29

Expert Comment

by:Michael Worsham
ID: 20361236
What is the error that you are getting now -- i.e. what does it say, in detail?
0
 
LVL 12

Accepted Solution

by:
bhnmi earned 1500 total points
ID: 20361267
Are you using domain\username syntax?
0
 

Author Comment

by:AJRenck
ID: 20363481
Poor management of the disk array:
They were trying to connect as "administrator" instead of as their own usernames.  I have logged in using the correct usernames now.  BTW, when using nslookup it fails on the lookup but pinging it (with or without FQDN) lets it work.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question