Solved

IPSec Site-to-Site VPN DNS resolving issues

Posted on 2011-09-15
Last Modified: 2012-05-12
Experts,

I'm having a bit of a strange problem.  I've recently stood up a site-to-site VPN between two sites with static IPs.  Both sites are using a Cisco RVS4000, and the VPN came up with no issues.

Now that the VPN is up, I'm having DNS issues.  On the remote end, I have clients set to use the DNS server in the primary site.

I can hit the server via its internal IP, but whenever I try and resolve any host names, DNS is returning the external IP address of the primary site.

I've flushed the DNS cache on all sides, and made sure that the internal IP is the only thing supplying clients with DNS addresses - but unfortunately - I'm still looking at my external IP whenever I try to resolve internal host names through the VPN.

I haven't seen something like this before, so anybody that has any insight - it would be more than welcome.
Question by:usslindstrom
4 Comments
 
LVL 21

Expert Comment

by:Papertrip
ID: 36546760
What software are you running for your DNS server?  Does this all resolve correctly on the primary side?  Do you have separate internal and external zones?

Need more info.
 
LVL 5

Author Comment

by:usslindstrom
ID: 36546773
Primary site is AD.  DNS server is also a DC.

Primary site works fine.

No separate internal or external zones, only internal.  External DNS is being handled by www name provider.

Both sites were previously using a GRE tunnel (Cisco 2600s) but were recently upgraded to the small business router (RVS4000) that only supports IPSec tunnels.  In the router upgrade, it was planned to redo the servers on the remote site as well, but we've made it to the point where we're at now with this DNS problem.
 
LVL 5

Accepted Solution

by:
usslindstrom earned 0 total points
ID: 36546951
Disregard.  A network adapter on the unit (even though disabled) had entries in its DNS fields.

For some reason, these were causing the problems, and after they were removed - everything worked as intended.
 
LVL 5

Author Closing Comment

by:usslindstrom
ID: 36565547
Solution required editing disabled NIC and removing DNS entries.
0
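
One way to look for the condition described in the accepted solution, as an added example that is not part of the original thread: it assumes the affected unit is a Windows host with PowerShell 3.0 or later, and reads the per-interface TCP/IP registry settings, which persist for adapters that are disabled. The function name `Get-StoredDnsServers` is hypothetical.

```powershell
# Added example: list DNS servers stored for every TCP/IP interface,
# including adapters that are currently disabled.
# Assumption: Windows host, run from an elevated PowerShell 3.0+ prompt.
$base = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'

# Map interface GUID -> adapter object so results show a name and state.
$adapters = @{}
Get-CimInstance Win32_NetworkAdapter |
    Where-Object { $_.GUID } |
    ForEach-Object { $adapters[$_.GUID] = $_ }

function Get-StoredDnsServers {
    Get-ChildItem -Path $base | ForEach-Object {
        $guid  = $_.PSChildName
        $props = Get-ItemProperty -Path $_.PSPath

        # NameServer     = statically configured DNS servers
        # DhcpNameServer = DNS servers last learned via DHCP
        $static = @("$($props.NameServer)"     -split '[,\s]+' | Where-Object { $_ })
        $dhcp   = @("$($props.DhcpNameServer)" -split '[,\s]+' | Where-Object { $_ })

        # Only report interfaces that actually hold DNS entries.
        if ($static.Count -or $dhcp.Count) {
            $nic = $adapters[$guid]
            [pscustomobject]@{
                Adapter   = if ($nic) { $nic.NetConnectionID } else { '(unknown)' }
                Enabled   = if ($nic) { $nic.NetEnabled } else { $null }
                StaticDns = $static -join ', '
                DhcpDns   = $dhcp -join ', '
                Guid      = $guid
            }
        }
    }
}

# Rows with Enabled = False and a non-empty StaticDns column are
# disabled adapters that still carry DNS entries.
Get-StoredDnsServers | Sort-Object Enabled | Format-Table -AutoSize
```

`Win32_NetworkAdapterConfiguration` is not used here because its `DNSServerSearchOrder` property is only populated for IP-enabled adapters, so it would not show entries left on a disabled NIC.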
