Solved

IPSec Site-to-Site VPN DNS resolving issues

Posted on 2011-09-15
Last Modified: 2012-05-12
Experts,

I'm having a bit of a strange problem.  I've recently stood up a site-to-site VPN between two sites with static IPs.  Both sites are using a Cisco RVS4000, and the VPN came up with no issues.

Now that the VPN is up, I'm having DNS issues.  On the remote end, I have clients set to use the DNS server in the primary site.

I can hit the server via its internal IP, but whenever I try and resolve any host names, DNS is returning the external IP address of the primary site.

I've flushed the DNS cache on all sides, and made sure that the internal IP is the only thing supplying clients with DNS addresses - but unfortunately - I'm still looking at my external IP whenever I try to resolve internal host names through the VPN.

I haven't seen something like this before, so anybody that has any insight - it would be more than welcome.
Question by:usslindstrom

Expert Comment

by:Papertrip
ID: 36546760
What software are you running for your DNS server?  Does this all resolve correctly on the primary side?  Do you have separate internal and external zones?

Need more info.

Author Comment

by:usslindstrom
ID: 36546773
Primary site is AD.  DNS server is also a DC.

Primary site works fine.

No separate internal or external zones, only internal.  External DNS is being handled by www name provider.

Both sites were previously using a GRE tunnel (Cisco 2600s) but were recently upgraded to the small business router (RVS4000) that only supports IPSec tunnels.  In the router upgrade, it was planned to redo the servers on the remote site as well, but we've made it to the point where we're at now with this DNS problem.

Accepted Solution

by:usslindstrom
ID: 36546951
Disregard.  A network adapter on the unit (even though disabled) had entries in its DNS fields.

For some reason, these were causing the problems, and after they were removed - everything worked as intended.

Author Closing Comment

by:usslindstrom
ID: 36565547
Solution required editing disabled NIC and removing DNS entries.
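
One way to look for the condition described in the accepted solution, as an added example that is not part of the original thread: this PowerShell script lists the DNS servers stored for every network interface, including disabled and hidden adapters, and flags any that are not on an expected list. It assumes the affected unit runs Windows with PowerShell 3.0 or later (the thread does not say which machine or OS held the disabled adapter), and `$ExpectedDns` with its address `192.0.2.10` is a constructed placeholder for the primary site's internal DNS server.

```powershell
# Added example: audit DNS server entries on ALL adapters, including disabled ones.
# Assumption: $ExpectedDns is a placeholder; set it to the internal DNS server(s).
param(
    [string[]]$ExpectedDns = @('192.0.2.10')   # constructed placeholder address
)

# Per-interface TCP/IP settings stay in the registry even while an adapter is disabled.
$root = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'

# Map interface GUID -> adapter object, including hidden and disabled adapters.
$adapters = @{}
Get-NetAdapter -IncludeHidden | ForEach-Object { $adapters[$_.InterfaceGuid] = $_ }

$report = foreach ($key in Get-ChildItem -Path $root) {
    $props = Get-ItemProperty -LiteralPath $key.PSPath

    # NameServer = statically configured servers; DhcpNameServer = DHCP-supplied ones.
    $static = @("$($props.NameServer)"     -split '[,\s]+' | Where-Object { $_ })
    $dhcp   = @("$($props.DhcpNameServer)" -split '[,\s]+' | Where-Object { $_ })
    if (-not $static -and -not $dhcp) { continue }   # nothing configured here

    $adapter    = $adapters[$key.PSChildName]        # key name is the interface GUID
    $unexpected = @($static + $dhcp | Where-Object { $_ -notin $ExpectedDns })

    [pscustomobject]@{
        Adapter    = if ($adapter) { $adapter.Name }   else { '(no matching adapter)' }
        Status     = if ($adapter) { $adapter.Status } else { 'Unknown' }
        StaticDns  = $static -join ', '
        DhcpDns    = $dhcp -join ', '
        Unexpected = $unexpected -join ', '
    }
}

# A row with Status 'Disabled' and a non-empty DNS column is the case from the thread.
$report | Sort-Object Adapter | Format-Table -AutoSize
```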