Solved

Can't resolve DNS over site-to-site VPN

Posted on 2009-05-04
Last Modified: 2012-05-06
I have a Linksys WRVS4400N Wireless Router w/ VPN configured to VPN into our main office's PIX. The VPN is up and working; I can connect to anything from our remote office to our main office, so long as I use the IP.

remote office is 192.168.x.x
main office is 192.168.y.y

If I point my laptop's DNS to our main office DNS server, I can query places like google.com and yahoo.com, no problem. I cannot, however, query srv01.domain.biz, assuming domain.local as my main office's internal domain.

Did an nslookup with "set norecurse" and it spits back our external DNS servers as NS records, rather than the server we queried, which is authoritative for domain.biz.

Any ideas on why our remote office isn't getting proper responses?
Question by:mnswhit
3 Comments
 

Expert Comment

by:George Lau

 Let's assume you have your numbers correctly set, and your internal NS records are in order at your business. Perhaps the laptop is holding on to the residual NS numbers?

Start-->Run
cmd [click ok]
ipconfig /flushdns [enter]
(You should see a message about successfully flushing the DNS resolver cache.)
ipconfig /registerdns [enter]
(...another message about DNS registration.)

Try pinging srv01.domain.biz...


This is the easy solution. The next could possibly be your VPN concentrator is overriding DNS to the client...let's not go there unless we need to. :) I'd need to know a little more about the far end.

Good luck,
T


Expert Comment

by:e3user
Hey there,

I don't know if you did this, but in the group-policy you should put the IP of the DNS servers:

group-policy vpnpolicy attributes
     dns value 78.xxx.xxx.xxx  79.xxx.xxx.xxx

If it is possible, do a show run and display it here.

Accepted Solution

by:mnswhit
I did try the ipconfig /flushdns and all. I ended up calling Cisco and Linksys in a conference call. After monitoring traffic on the PIX, we discovered that DNS was not going through the VPN. Running a sniffer on the laptop, it appears that the Linksys WRVS4400N was responding to the DNS queries even though it was not the DNS that was queried. Linksys now has a bug report on the issue.

Their suggestion was to utilize an LMHOSTS file, which we are now doing. Thank you for your responses though.
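
The symptom in the question (a "set norecurse" lookup returning NS records for other servers) can be told apart from a genuine authoritative answer by the reply's AA bit and authority section, which is a quick check for a device answering queries that were addressed to another server. The Python below is an added example, not part of the original thread; the reply bytes, the name ns1.example.net and the address 192.168.10.5 are constructed.

```python
import struct

def enc(name):
    """Encode a domain name as length-prefixed DNS labels."""
    return b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"

def build_query(name, txid, recurse=False):
    """A-record query; recurse=False clears RD, as nslookup 'set norecurse' does."""
    return struct.pack("!6H", txid, 0x0100 if recurse else 0, 1, 0, 0, 0) + enc(name) + struct.pack("!2H", 1, 1)

def read_name(msg, off):
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels, end, hops = [], None, 0
    while msg[off]:
        n = msg[off]
        if n & 0xC0 == 0xC0:                      # compression pointer
            end = off + 2 if end is None else end
            off, hops = ((n & 0x3F) << 8) | msg[off + 1], hops + 1
            if hops > 16:
                raise ValueError("compression loop")
        else:
            labels.append(msg[off + 1:off + 1 + n].decode())
            off += 1 + n
    return ".".join(labels), (off + 1 if end is None else end)

def classify(resp, txid):
    """Judge a reply to a non-recursive query: (verdict, NS names in authority section)."""
    rid, flags, qd, an, ns, _ = struct.unpack("!6H", resp[:12])
    if rid != txid or not flags & 0x8000:         # wrong ID or not a response
        return "not-our-reply", []
    off = 12
    for _ in range(qd):                           # skip the question section
        off = read_name(resp, off)[1] + 4
    referral = []
    for i in range(an + ns):
        off = read_name(resp, off)[1]
        rtype, _, _, rdlen = struct.unpack("!HHIH", resp[off:off + 10])
        if rtype == 2 and i >= an:                # NS record in the authority section
            referral.append(read_name(resp, off + 10)[0])
        off += 10 + rdlen
    if flags & 0x0400 and an:                     # AA bit set and an answer present
        return "authoritative", referral
    return ("referral" if referral and not an else "non-authoritative"), referral

# Constructed replies to a query for srv01.domain.biz (all values made up).
TXID = 0x1A2B
rr = lambda owner, rtype, rdata: owner + struct.pack("!HHIH", rtype, 1, 300, len(rdata)) + rdata
Q = build_query("srv01.domain.biz", TXID)
GOOD = struct.pack("!6H", TXID, 0x8400, 1, 1, 0, 0) + Q[12:] + rr(b"\xc0\x0c", 1, bytes([192, 168, 10, 5]))
BAD = struct.pack("!6H", TXID, 0x8000, 1, 0, 1, 0) + Q[12:] + rr(b"\xc0\x12", 2, enc("ns1.example.net"))
```

`classify(GOOD, TXID)` is what the authoritative server itself returns; `classify(BAD, TXID)` matches the reply shape described in the question, with the NS names listed so they can be compared against the server that was queried.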