Link to home
Start Free TrialLog in
Avatar of Bill Herde
Bill HerdeFlag for United States of America

asked on

shrewsoft VPN client and DNS

I have a Cisco ASA 5505 firewall that is set to work with ipsec vpn clients. With windows 7 it worked fine with the Cisco VPN client. With Win8 we had to abandon that in favor of the free Shrewsoft VPN client, which also worked fine.  Now we are at Win10, and the shrewsoft client is working on most PCs, but I have one that is being obstinate.
It appears that even though both the firewall and the client are set to send all DNS queries through the tunnel, they still get sent to the WAN gateway on the remote device...most of the time.  In the following clip, I connected the tunnel, then manually changed the DNS servers on the NIC to attempt to work-around the issue. Then I got something even more confusing.  If I ping or open a web browser, I get the address the WAN gateway is trying to provide. But nslookup reports the correct DNS server and IP address.

Here are the results:

C:\Users\ballen> ipconfig /flushdns
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\ballen>ping token
Pinging token.grid.loc [213.120.234.114] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 213.120.234.114:
   Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Control-C
^C
C:\Users\ballen>nslookup token
Server:  wendy.grid.loc
Address:  10.0.5.7

Name:    token.grid.loc
Address:  10.0.5.160


C:\Users\ballen>ping token

Pinging token.grid.loc [213.120.234.114] with 32 bytes of data:
Request timed out.


************************************
Does this make sense to anybody????
And yes, I get the same results if I enter the FQDN.
SOLUTION
Avatar of Qlemo
Qlemo
Flag of Germany image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Bill Herde

ASKER

I thought of that, hence the flushdns.  And there is no WINs server on our network, but I can't be sure about the client end. From what I can tell. the client is on a simple home wifi network.
Avatar of max_the_king
max_the_king

i'm telling something really different from flushdns.
I'm afraid the problem is in PC's operating system and it matters with nic cards, either physical or wifi.

max
We may never know the answer here.  Since we now had a VPN issue, I deployed the anyconnect solution on the firewall and had the remote user start using that.  He is no longer having the problem.  I have asked him if he would take the time to R&R Shewsoft and let me know the results, but he has not done so yet, and it is unlikely he will.
Overall, I agree this was something weird going on at the remote PC with windows resolver. I would have liked to nail it down, but I don't always get what I like.  Important part is the user can work, so I get to keep doing the same.
This is the third time I have attempted to close this question.