Solved

Issue: Cisco VPN Client

Posted on 2009-05-19
10
264 Views
Last Modified: 2012-05-07
I have been experiencing an issue with a Cisco VPN Client while connecting to a government site.  The problem began occuring when we moved the workstation that it is on to a new domain.  Once on the new domain we could not contact the site (our connection would fail).  
If I move the workstation back to the old domain, the user can connect to the site via the VPN no problem.

I believe that it may be a DNS issue.  Our old domain was a NT 4.0 domain controller and the new one is an Active Directory domain.  Prior to the new domain our DHCP would point users to the ISP's external DNS, because of AD the new DHCP points to the internal DNS which is also the AD server.

Any ideas?

Please help!
0
Comment
Question by:MightyMikey
  • 5
  • 4
10 Comments
 
LVL 20

Expert Comment

by:RPPreacher
ID: 24428196
Is the vpn client pointing to a name or IP?
What are the ping results new domain versus old domain?
0
 

Author Comment

by:MightyMikey
ID: 24428215
The vpn client points to a name (prefix.domain.com), although i've tried changing it to an IP, but i was still frustrated by failure.  The vpn client can connect to the vpn server on the new domain because it authenticated and showed a stable connection, but the actual application that uses and runs on the vpn cannot access its intended host through the vpn on the new domain.  Everything works fine on the old.
0
 
LVL 20

Expert Comment

by:RPPreacher
ID: 24428226
When you attempt to ping prefix.domain.com on the new domain, what are the results?
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:MightyMikey
ID: 24428296
I can ping the VPN host from both domains, but i cannot ping the server/IP that the application communicates with once the vpn connection is up between the new domain and the vpn server.

Does that make sense?
0
 
LVL 20

Expert Comment

by:RPPreacher
ID: 24428308
If I understand, you are saying that you CAN make a VPN connection from both domains; however, once connected, the client cannot ping the destination server by name?

If this is accurate, when you ping the name of the destination server, what is the result?
0
 

Author Comment

by:MightyMikey
ID: 24428429
when i ping the final destination on the remote network prefix2.domain.com i receive a message saying:  "Ping request could not find host prefix2.domain.com.  Please check the name and try again."

What do you think?
0
 

Author Comment

by:MightyMikey
ID: 24428442
I just discoved that I can ping it by IP but not by domain name.
0
 

Author Comment

by:MightyMikey
ID: 24428465
any other ideas?  I cannot change the address that the application connects to, it must connect to the prefix2.domain.com address and not by IP.  Whats wrong with the dns?
0
 
LVL 22

Accepted Solution

by:
chakko earned 250 total points
ID: 24428546
you can use the hosts file to bypass/workaround a DNS or name resolution problem.

try making an entry in your hosts file  (c:\windows\system32\drivers\etc\hosts )

add an entry for the IP and name:

xxx.xxx.xxx.xxx   prefix2.domain.com


add entries for other hosts if you need to.

if you need to connect by netbios name you can make the entry like this:

xxx.xxx.xxx.xxx   prefix2    prefix2.domain.com



0
 
LVL 20

Assisted Solution

by:RPPreacher
RPPreacher earned 250 total points
ID: 24430258
Add a zone to your DNS for domain.com
Add an A record to the new zome pointing to prefix.domain.com
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question