CHI-LTD asked:

Multiple DNS entries and unable to remote manage VPN clients

Hello
Two issues, possibly linked in some way.  First is, VPN clients are showing their local IP and VPN IP (from ASA) in DNS, i.e. 10.255.253.1 and 10.255.240.51.  This causes issues connecting to the VPN IP 10.255.253.1 because of 2 DNS entries.  Clients on the LAN where the DHCP/DNS servers reside work fine.  It only affects VPN users.

Other problem is that when clients are not showing the local IP of their WIFI card in DNS and are showing the correct IP (it was working at some point previously), we cannot browse to that machine, so remote management doesn't work.

Ideas?
David Favor

10.X.X.X addresses are local/private/nonroutable, so these addresses only work (packets route) inside a LAN.

No 10.X.X.X address will ever work with a VPN or any other tech, for any machine outside the 10.X.X.X related LAN.

Said another way, there are 1,000,000s of 10.255.240.51 addresses active at any given moment all over the world, on many LANs so routing packets outside any LAN to any instances of this IP makes no sense.

https://en.wikipedia.org/wiki/Private_network provides more detail, along with additional resources for research.
ASKER CERTIFIED SOLUTION
footech
CHI-LTD (ASKER)

Sorted, it was the split tunnelling on the firewall and a rule configured for the remote client subnet that was only allowing certain ports.  We also had a WannaCry deny rule in place which was blocking.

Scavenging is enabled.

Thanks