Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Issue: Cisco VPN Client

Posted on 2009-05-19
10
Medium Priority
?
269 Views
Last Modified: 2012-05-07
I have been experiencing an issue with a Cisco VPN Client while connecting to a government site.  The problem began occuring when we moved the workstation that it is on to a new domain.  Once on the new domain we could not contact the site (our connection would fail).  
If I move the workstation back to the old domain, the user can connect to the site via the VPN no problem.

I believe that it may be a DNS issue.  Our old domain was a NT 4.0 domain controller and the new one is an Active Directory domain.  Prior to the new domain our DHCP would point users to the ISP's external DNS, because of AD the new DHCP points to the internal DNS which is also the AD server.

Any ideas?

Please help!
0
Comment
Question by:MightyMikey
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 20

Expert Comment

by:RPPreacher
ID: 24428196
Is the vpn client pointing to a name or IP?
What are the ping results new domain versus old domain?
0
 

Author Comment

by:MightyMikey
ID: 24428215
The vpn client points to a name (prefix.domain.com), although i've tried changing it to an IP, but i was still frustrated by failure.  The vpn client can connect to the vpn server on the new domain because it authenticated and showed a stable connection, but the actual application that uses and runs on the vpn cannot access its intended host through the vpn on the new domain.  Everything works fine on the old.
0
 
LVL 20

Expert Comment

by:RPPreacher
ID: 24428226
When you attempt to ping prefix.domain.com on the new domain, what are the results?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:MightyMikey
ID: 24428296
I can ping the VPN host from both domains, but i cannot ping the server/IP that the application communicates with once the vpn connection is up between the new domain and the vpn server.

Does that make sense?
0
 
LVL 20

Expert Comment

by:RPPreacher
ID: 24428308
If I understand, you are saying that you CAN make a VPN connection from both domains; however, once connected, the client cannot ping the destination server by name?

If this is accurate, when you ping the name of the destination server, what is the result?
0
 

Author Comment

by:MightyMikey
ID: 24428429
when i ping the final destination on the remote network prefix2.domain.com i receive a message saying:  "Ping request could not find host prefix2.domain.com.  Please check the name and try again."

What do you think?
0
 

Author Comment

by:MightyMikey
ID: 24428442
I just discoved that I can ping it by IP but not by domain name.
0
 

Author Comment

by:MightyMikey
ID: 24428465
any other ideas?  I cannot change the address that the application connects to, it must connect to the prefix2.domain.com address and not by IP.  Whats wrong with the dns?
0
 
LVL 22

Accepted Solution

by:
chakko earned 1000 total points
ID: 24428546
you can use the hosts file to bypass/workaround a DNS or name resolution problem.

try making an entry in your hosts file  (c:\windows\system32\drivers\etc\hosts )

add an entry for the IP and name:

xxx.xxx.xxx.xxx   prefix2.domain.com


add entries for other hosts if you need to.

if you need to connect by netbios name you can make the entry like this:

xxx.xxx.xxx.xxx   prefix2    prefix2.domain.com



0
 
LVL 20

Assisted Solution

by:RPPreacher
RPPreacher earned 1000 total points
ID: 24430258
Add a zone to your DNS for domain.com
Add an A record to the new zome pointing to prefix.domain.com
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question