Ask the Expert

When users have been connecting to our VPN servers they are unable to resolve host name information.

We currently run Microsoft RRAS for remote users using high-speed connections. When our client's connect they receive network config info from our DHCP server, dns, ip, wins.

Recently, when users have been connecting to our VPN servers they are unable to resolve host name information. When we do a ping or traceroute to an internal hostname, the request times out and the internal hostname that it tries to resolve is When I do an NSLOOKUP, the default DNS server is the ISP's and not our internal DNS servers. All our office users internally are having no problems resolving hostnames and such. I know that the address I mentioned is VeriSign sitefinder address that they just implemented. The problem started around the time VeriSign added the wildcard to the root servers. Have you heard of anything like this? I would appreciate your input.

    Requires Free Membership to View

I am going to infer from your question that you are either using PPTP or L2TP over IPsec for your remote access VPN solution with Microsoft and that in either case you are seeing this problem. I am not familiar with the version(s) you are using but the simple answer to your question is that this has been an issue for a while.

There are workarounds to this problem that have been documented over the years. Review your DNS resolution scheme for the internal hostnames and ensure that the DHCP server is handing out this DNS when connecting to the VPN rather than an external ISP provided DNS. Other options are to review the routing table of the client after it has connected to the VPN and ensure that the DNS addresses are reachable via the route table.

Sorry I couldn't be of specific help.

These resources may be of help:
Collection of VPN tips:,289482,sid7_tax284971_alpD_idx0,00.html resources on Windows and VPNs:,293876,sid1,00.html?filter=on&query=VPN&within=text&ctype=ADVICE

This was first published in November 2003

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: