[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

IPSec Site-to-Site VPN DNS resolving issues

Posted on 2011-09-15
4
Medium Priority
?
295 Views
Last Modified: 2012-05-12
Experts,

I'm having a bit of a strange problem.  I've recently stood up a stie-to-site vpn between two sites with static IPs.  Both sites are using a Cisco RVS4000, and the VPN came up with no issues.

Now that the VPN is up, I'm having DNS issues.  On the remote end, I have clients set to use the DNS server in the primary site.

I can hit the server via its internal IP, but whenever I try and resolve any host names, DNS is returning the external IP address of the primary site.

I've flushed the DNS cache on all sides, and made sure that the internal IP is the only thing supplying clients with DNS addresses - but unfortunately - I'm still looking at my external IP whenever I try to resolve internal host names through the VPN.

I haven't seen something like this before, so anybody that has any insight - it would be more than welcome.
0
Comment
Question by:usslindstrom
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 21

Expert Comment

by:Papertrip
ID: 36546760
What software are you running for your DNS server?  Does this all resolve correctly on the primary side?  Do you have separate internal and external zones?

Need more info.
0
 
LVL 5

Author Comment

by:usslindstrom
ID: 36546773
Primary site is AD.  DNS server is also a DC.

Primary site works fine.

No separate internal or external zones, only internal.  External DNS is being handled by www name provider.

Both sites were previously using a GRE tunnel (Cisco 2600s) but were recently upgraded to the small business router (RVS4000) that only supports IPSec tunnels.  In the router upgrade, it was planned to redo the servers on the remote site as well, but we've made it to the point where we're at now with this DNS problem.
0
 
LVL 5

Accepted Solution

by:
usslindstrom earned 0 total points
ID: 36546951
Disregard.  A network adapter on the unit (even though disabled), had entries in it's DNS fields.

For some reason, these were causing the problems, and after they were removed - everything worked as intended.
0
 
LVL 5

Author Closing Comment

by:usslindstrom
ID: 36565547
Solution required editing disabled NIC and removing DNS entries.
0

Featured Post

Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question