Network Management Strategies for the CIO
Recently, when users have been connecting to our VPN servers they are unable to resolve host name information. When we do a ping or traceroute to an internal hostname, the request times out and the internal hostname that it tries to resolve is 64.94.110.11. When I do an NSLOOKUP, the default DNS server is the ISP's and not our internal DNS servers. All our office users internally are having no problems resolving hostnames and such. I know that the address I mentioned is VeriSign sitefinder address that they just implemented. The problem started around the time VeriSign added the wildcard to the root servers. Have you heard of anything like this? I would appreciate your input.
Requires Free Membership to View
I am going to infer from your question that you are either using PPTP or L2TP over IPsec for your remote access VPN solution with Microsoft and that in either case you are seeing this problem. I am not familiar with the version(s) you are using but the simple answer to your question is that this has been an issue for a while.
There are workarounds to this problem that have been documented over the years. Review your DNS resolution scheme for the internal hostnames and ensure that the DHCP server is handing out this DNS when connecting to the VPN rather than an external ISP provided DNS. Other options are to review the routing table of the client after it has connected to the VPN and ensure that the DNS addresses are reachable via the route table.
Sorry I couldn't be of specific help.
These resources may be of help:
Collection of VPN tips:
http://searchnetworking.techtarget.com/tipsIndex/0,289482,sid7_tax284971_alpD_idx0,00.html
SearchWin2000.com resources on Windows and VPNs:
http://searchwin2000.techtarget.com/search/1,293876,sid1,00.html?filter=on&query=VPN&within=text&ctype=ADVICE
This was first published in November 2003
Join the conversationComment
Share
Comments
Results
Contribute to the conversation