CHI-LTD asked:

Multiple DNS entries and unable to remote manage VPN clients

Hello
Two issues, possibly linked in some way.  First is, VPN clients are showing their local IP and VPN IP (from ASA) in DNS, i.e. 10.255.253.1 and 10.255.240.51.  This causes issues connecting to the VPN IP 10.255.253.1 because of 2 DNS entries.  Clients on the LAN where the DHCP/DNS servers reside work fine.  Only affects VPN users.

Other problem is that when clients are not showing the local IP of their Wi-Fi card in DNS and are showing the correct IP (it was working at some point previously) we cannot browse to that machine, so remote management doesn't work.

Ideas?
DNS, Networking, VPN


8/22/2022 - Mon
David Favor

10.X.X.X addresses are local/private/nonroutable, so these addresses only work (packets route) inside a LAN.

No 10.X.X.X address will ever work with a VPN or any other tech, for any machine outside the 10.X.X.X related LAN.

Said another way, there are 1,000,000s of 10.255.240.51 addresses active at any given moment all over the world, on many LANs so routing packets outside any LAN to any instances of this IP makes no sense.

https://en.wikipedia.org/wiki/Private_network provides more detail, along with additional resources for research.
ASKER CERTIFIED SOLUTION
footech

CHI-LTD

ASKER
Sorted, it was the split tunnelling on the firewall and the rule configured for the remote client subnet that was only allowing certain ports.  We also had a WannaCry deny rule in place which was blocking.

Scavenging is enabled.

Thanks
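One way to check for the two-A-records condition described in the question, and to see which of the duplicate records the scavenging mentioned in the final reply would actually clear and when, as an added Python example that is not part of this thread. The zone listing, host names, the VPN pool 10.255.240.0/24 and the 7 + 7 day aging intervals are constructed or assumed; Windows DNS scavenges a dynamic record once its timestamp plus the no-refresh and refresh intervals has passed.

```python
"""Flag hosts that hold more than one A record (e.g. a VPN client that
registered both its Wi-Fi address and its VPN-pool address) and work out
which of those records Windows DNS scavenging would remove, and when.

Added example, not from the thread. Zone text, host names, the VPN pool
and the aging intervals are all constructed/assumed.
"""
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the shape of a Windows DNS zone listing:
# name, type, address, record timestamp ("static" = no aging, never scavenged)
SAMPLE_ZONE = """\
laptop01    A  10.255.253.1   2022-08-20 09:00
laptop01    A  10.255.240.51  2022-08-22 08:00
laptop02    A  10.255.240.52  2022-08-22 08:30
fileserver  A  10.10.1.20     static
"""

# Assumed: the ASA hands VPN clients addresses from this pool.
VPN_POOL = ipaddress.ip_network("10.255.240.0/24")

# Windows DNS defaults: a dynamic record becomes eligible for scavenging
# once it is older than no-refresh interval + refresh interval (7 + 7 days).
NO_REFRESH = timedelta(days=7)
REFRESH = timedelta(days=7)


def parse_zone(text):
    """Return a list of (host, ip, timestamp-or-None) for the A records."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[1] != "A":
            continue
        host, ip = parts[0], ipaddress.ip_address(parts[2])
        if parts[3] == "static":
            stamp = None
        else:
            stamp = datetime.strptime(" ".join(parts[3:5]), "%Y-%m-%d %H:%M")
        records.append((host, ip, stamp))
    return records


def duplicate_hosts(records):
    """Map host -> [(ip, origin, timestamp), ...] for hosts with more than
    one A record; origin is 'vpn' for pool addresses, otherwise 'lan'."""
    by_host = defaultdict(list)
    for host, ip, stamp in records:
        origin = "vpn" if ip in VPN_POOL else "lan"
        by_host[host].append((str(ip), origin, stamp))
    return {h: sorted(v, key=lambda r: r[0]) for h, v in by_host.items() if len(v) > 1}


def scavenge_candidates(records, now):
    """Dynamic records whose timestamp + no-refresh + refresh is at or before
    `now` (a datetime or a 'YYYY-MM-DD HH:MM' string); static records never qualify."""
    if isinstance(now, str):
        now = datetime.strptime(now, "%Y-%m-%d %H:%M")
    return [
        (host, str(ip), stamp)
        for host, ip, stamp in records
        if stamp is not None and stamp + NO_REFRESH + REFRESH <= now
    ]


if __name__ == "__main__":
    recs = parse_zone(SAMPLE_ZONE)
    for host, entries in duplicate_hosts(recs).items():
        print(f"{host}: multiple A records")
        for ip, origin, stamp in entries:
            print(f"   {ip:15} {origin}  registered {stamp:%Y-%m-%d %H:%M}")
    check = "2022-09-04 12:00"
    for host, ip, stamp in scavenge_candidates(recs, check):
        due = stamp + NO_REFRESH + REFRESH
        print(f"eligible for scavenging at {check}: {host} {ip} (since {due:%Y-%m-%d %H:%M})")
```

Run against the constructed zone, laptop01 is reported with one LAN and one VPN-pool address; on 4 September only the older (Wi-Fi) record has aged past the 14-day window, so that is the one scavenging would remove while the fresher VPN registration stays.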