Shrewsoft VPN client and DNS

I have a Cisco ASA 5505 firewall that is set to work with IPsec VPN clients. With Windows 7 it worked fine with the Cisco VPN client. With Win8 we had to abandon that in favor of the free Shrewsoft VPN client, which also worked fine. Now we are at Win10, and the Shrewsoft client is working on most PCs, but I have one that is being obstinate.
It appears that even though both the firewall and the client are set to send all DNS queries through the tunnel, they still get sent to the WAN gateway on the remote device... most of the time. In the following clip, I connected the tunnel, then manually changed the DNS servers on the NIC to attempt to work around the issue. Then I got something even more confusing. If I ping or open a web browser, I get the address the WAN gateway is trying to provide. But nslookup reports the correct DNS server and IP address.

Here are the results:

C:\Users\ballen> ipconfig /flushdns
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\ballen>ping token
Pinging token.grid.loc [213.120.234.114] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 213.120.234.114:
   Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Control-C
^C
C:\Users\ballen>nslookup token
Server:  wendy.grid.loc
Address:  10.0.5.7

Name:    token.grid.loc
Address:  10.0.5.160


C:\Users\ballen>ping token

Pinging token.grid.loc [213.120.234.114] with 32 bytes of data:
Request timed out.


************************************
Does this make sense to anybody????
And yes, I get the same results if I enter the FQDN.
billherde asked:
 
max_the_king commented:
Hi,
chances are that there is some mess in networking cards of the offended PC.
First thing you need to check is that there are no multiple IP addresses on the same NIC (in advanced IP connections).
If that is clean, you need to uninstall Shrew Soft completely (along with the virtual card installed), which you should verify after reboot; then, when you're sure it is clean, you may reinstall Shrew Soft.

hope this helps
max
 
Qlemo commented:
nslookup uses DNS only, and ignores the DNS cache. Everything else goes thru the Windows resolver, using hosts, NetBIOS broadcasts, WINS and DNS. Maybe there is a WINS server set up?
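The difference between the two lookup paths described in the comment above can be checked side by side. This is an added example, not part of any post in the thread; the function name `Compare-ResolverPath` is hypothetical, and the default name and DNS server are the values from the poster's transcript.

```powershell
# Added diagnostic sketch (not from the thread). Defaults are taken from the
# transcript in the question; replace them with values for your own network.
function Compare-ResolverPath {
    param(
        [string]$Name      = 'token.grid.loc',
        [string]$TunnelDns = '10.0.5.7'
    )

    # Path 1 (what nslookup does): query one DNS server directly,
    # skipping the hosts file, LLMNR and NetBIOS.
    $direct = Resolve-DnsName -Name $Name -Server $TunnelDns -Type A -DnsOnly -NoHostsFile `
                  -ErrorAction SilentlyContinue |
              Where-Object { $_.Type -eq 'A' } | Select-Object -ExpandProperty IPAddress

    # Path 2 (what ping and browsers do): the Windows resolver, which may use
    # the hosts file, the resolver cache and any adapter's DNS servers.
    $resolver = Resolve-DnsName -Name $Name -Type A -ErrorAction SilentlyContinue |
                Where-Object { $_.Type -eq 'A' } | Select-Object -ExpandProperty IPAddress

    # Static hosts entries that mention the short host name (comment lines skipped).
    $short     = [regex]::Escape($Name.Split('.')[0])
    $hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
    $hostsHits = @(Get-Content $hostsPath |
                   Where-Object { $_ -notmatch '^\s*#' -and $_ -match "\b$short\b" })

    # DNS servers per adapter, sorted by interface metric (lower is preferred),
    # to show whether the physical or the virtual VPN adapter ranks first.
    $adapters = Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses.Count -gt 0 } |
        ForEach-Object {
            $metric = (Get-NetIPInterface -InterfaceIndex $_.InterfaceIndex `
                           -AddressFamily IPv4).InterfaceMetric
            [pscustomobject]@{
                Interface  = $_.InterfaceAlias
                Metric     = $metric
                DnsServers = $_.ServerAddresses -join ', '
            }
        } | Sort-Object Metric

    [pscustomobject]@{
        Name           = $Name
        DirectAnswer   = ($direct   | Sort-Object) -join ', '
        ResolverAnswer = ($resolver | Sort-Object) -join ', '
        Mismatch       = (($direct | Sort-Object) -join ',') -ne (($resolver | Sort-Object) -join ',')
        HostsEntries   = $hostsHits
        Adapters       = $adapters
    }
}

Compare-ResolverPath | Format-List
```

A `Mismatch` of `True` with the tunnel's DNS server listed only on a higher-metric adapter reproduces the symptom in the question: nslookup returns the internal address while ping gets a different one.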
 
billherde (Author) commented:
I thought of that, hence the flushdns. And there is no WINS server on our network, but I can't be sure about the client end. From what I can tell, the client is on a simple home wifi network.
 
max_the_king commented:
I'm telling something really different from flushdns.
I'm afraid the problem is in PC's operating system and it matters with NIC cards, either physical or wifi.

max
 
billherde (Author) commented:
We may never know the answer here. Since we now had a VPN issue, I deployed the AnyConnect solution on the firewall and had the remote user start using that. He is no longer having the problem. I have asked him if he would take the time to R&R Shrewsoft and let me know the results, but he has not done so yet, and it is unlikely he will.
Overall, I agree this was something weird going on at the remote PC with the Windows resolver. I would have liked to nail it down, but I don't always get what I like. Important part is the user can work, so I get to keep doing the same.
 
billherde (Author) commented:
This is the third time I have attempted to close this question.