bwinkworth
asked on
RDP concerns over a VPN connection question
Hi
I've been experiencing this issue rarely with clients but fortunately it happened to me on the weekend. Here is what goes on.
I have my work laptop with me on the weekends. I successfully connected to our VPN and when I attempted to RDP to my machine at work I would get the error stating that the computer may not be turned on or is not on the network etc. I know for a fact that it is turned on as I can ping it. If I change the RDP to the IP of my machine rather than the machine name then it works. The way I've fixed this is by connecting to the VPN then running an 'ipconfig /flushdns' while connected and then the machine name will work. But I don't want clients having to do this. Does anyone know what causes a remote computer all of a sudden not relating the machine name with the IP when 2 days prior it had worked before? Also it wasn't an issue of my not seeing the DNS servers as I could ping them no problem.
Thanks,
BW
ASKER
Thanks for the responses guys. hruggian...I've been trying to reproduce the problem but since I've flushed the DNS it's been working fine. I'm going to try and break it again today lol.
Qlemo: The firewall appliance is a Fortigate so only VPN traffic flows through it. All other internet traffic flows through their own ISP gateway.
BW
In that case, DNS will not be switched over to the remote site, and only fully qualified names are working (or NetBIOS names if a WINS server is defined).
ASKER
Update:
So this weekend I took home my laptop. Didn't shut it down but rather I put it in Sleep mode. At home I logged into the vpn fine but could not RDP to my machine at work. I opened a cmd prompt and tried to ping my computer's host name. Pinging the host name gave me:
Ping request could not find host 'my computer name at work'. Please check the name and try again.
Yet I could ping my IP of my machine fine and get 4 replies. I did a flushdns while connected to the vpn and still same problem. So I thought it maybe had something to do with me bringing it home in sleep mode so I shut down the laptop. After restarting I logged into the vpn (I'm on wireless btw) and could not RDP via host name. I did a flushdns while connected to the vpn and that worked. I was then able to RDP via host name. In my testing I neglected to try to RDP via FQDN. I'm going to try that tonight.
BW
ASKER
Ok so it happened again but this time as usual I could not ping my machine by its host name but I COULD ping it as 'hostname.domainname.int'
So it's like something is going on with the DNS suffix? I know you can add the DNS suffix in the properties but what would cause this?
Thanks,
BW
ASKER
Another update:
I had a remote client log into the vpn and when Outlook was started it would say 'Disconnected' in the bottom right corner. Hitting Send/Receive and it would say 'Trying to connect to Microsoft Exchange' and failing with 'Disconnected'. So I remoted into his machine and ran some ipconfig and ping tests. I COULD ping the exchange server by IP. If I pinged it by its hostname, it would come back with some crazy IP of 199.101.25.21 which is no private IP belonging to us. IPCONFIG did show the proper DNS servers of our internal network. Eventually doing a flushdns and then a registerdns, everything connected and all was well. Where would his laptop get an improper IP address for our exchange server? This is what concerns me and it could happen to other remote clients.
Thanks,
BW
If the name resolution takes place before the DNS server is set differently, the wrong one is cached. Obviously you are using a domain name which is duplicated somewhere. The IP is not resolvable, and the address not routable from my side, so I cannot tell more. However, it is NOT a private IP, and belongs to "Florida Department of Labor, Division of Safety" according to whois.
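The two symptoms reported in this thread (the short name failing while the FQDN resolves, and an internal name coming back as the public address 199.101.25.21) can be told apart with a small client-side check run after the VPN connects. This is an added example, not part of the original thread; the host name `exch01`, the address 10.0.0.25 and the RFC 1918 internal ranges are assumptions.

```python
import ipaddress
import socket

# Assumption: the site's internal space is RFC 1918; substitute the real subnets.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify(addresses, nets=INTERNAL_NETS):
    """'unresolved' if empty, 'external' if any address is outside nets, else 'internal'."""
    if not addresses:
        return "unresolved"
    ips = [ipaddress.ip_address(a) for a in addresses]
    inside = all(any(ip in net for net in nets) for ip in ips)
    return "internal" if inside else "external"

def diagnose(short_name, dns_suffix, resolve):
    """resolve: callable(name) -> list of address strings, [] when the name is not found."""
    short = classify(resolve(short_name))
    fqdn = classify(resolve(f"{short_name}.{dns_suffix}"))
    if "external" in (short, fqdn):
        # An internal name answered with a public address: cached or answered
        # outside the tunnel. Flush the cache before RDP or Outlook connects.
        return "external-answer"
    if short == "unresolved" and fqdn == "internal":
        # Only the FQDN works: the DNS suffix is not being appended on this link.
        return "suffix-missing"
    return "ok" if short == "internal" else "unresolved"

def system_resolve(name):
    """Live lookup through the OS resolver (IPv4 only), for use on a real client."""
    try:
        infos = socket.getaddrinfo(name, None, family=socket.AF_INET)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

# Constructed resolver states; only 199.101.25.21 and domainname.int come from the thread.
CASES = {
    "stale cache": {"exch01": ["199.101.25.21"], "exch01.domainname.int": ["10.0.0.25"]},
    "no suffix": {"exch01.domainname.int": ["10.0.0.25"]},
    "after flushdns": {"exch01": ["10.0.0.25"], "exch01.domainname.int": ["10.0.0.25"]},
}

def run_cases():
    return {label: diagnose("exch01", "domainname.int", lambda n, t=table: t.get(n, []))
            for label, table in CASES.items()}

if __name__ == "__main__":
    for label, verdict in run_cases().items():
        print(f"{label}: {verdict}")
```

On a real client, pass `system_resolve` as the `resolve` argument once the tunnel is up.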
ASKER
So is there a way to prevent this? Like turn off caching and always look for the new DNS server when connecting? How do others get around this?
Thanks
ASKER
Thanks qlemo and hruggian from the beginning
If you VPN in, do you switch the default gateway (using the remote gateway for ALL traffic but VPN)? That is, is "Use remote gateway ..." setting in RAS properties active?