Microsoft
Software
Hardware
Network
Question : WinXP VPN connection - DNS queries are sent to wrong DNS server
Hi!
Well, this prob is driving me mad. I've established an L2TP over IPSec VPN connection from my home location to my company.
The VPN connection is don over my local router with inet access. My local router acts as DNS relay, so when i surf normally, all
DNS queries are sent to this one.
When i connect my VPN i can ping my companys machines perfectly. The VPN also assignes the companies DNS servers to the
connection, and if i do a fully qualified nslookup to a machine at the company i get a response from the company DNS server.
The problem now is if i do for an example "nslookup offw2k3mx001.css.net" i get the right 192.168.1.25 ip address, but if i
"ping offw2k3mx001.css.net" i get an ip of 204.13.160.129, the same ip i can find in the DNS resolver cache.
I did a little sniffing and i saw that the DNS request that is done when i did the ping command has gone to my local router DNS relay.
That one does what it should and goes out to the big wide world and delivers me a different IP.
Is there a way to force my machine to use the VPN connections DNS first hand? I tried that config above with a colleague of mine and it
worked fine for him, his WinXP asked the VPNs DNS.
Any help would be appreciated,
cheers,
Stefan
Some side info:
My routes:
==========================
==========
==========
==========
==========
=========
Interface List
0x1 ..........................
. MS TCP Loopback interface
0x2 ...00 13 02 29 dc f8 ...... Intel(R) PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
0x3 ...00 15 58 28 fc c4 ...... Intel(R) PRO/1000 PL Network Connection - Packet Scheduler Miniport
0xa0005 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
==========================
==========
==========
==========
==========
=========
==========================
==========
==========
==========
==========
=========
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.10.1.1 10.10.1.37 21
0.0.0.0 0.0.0.0 192.168.10.2 192.168.10.2 1
10.10.1.0 255.255.255.0 10.10.1.37 10.10.1.37 20
10.10.1.37 255.255.255.255 127.0.0.1 127.0.0.1 20
10.255.255.255 255.255.255.255 10.10.1.37 10.10.1.37 20
62.99.230.114 255.255.255.255 10.10.1.1 10.10.1.37 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.10.2 255.255.255.255 127.0.0.1 127.0.0.1 50
192.168.10.255 255.255.255.255 192.168.10.2 192.168.10.2 50
224.0.0.0 240.0.0.0 10.10.1.37 10.10.1.37 20
224.0.0.0 240.0.0.0 192.168.10.2 192.168.10.2 1
255.255.255.255 255.255.255.255 10.10.1.37 10.10.1.37 1
255.255.255.255 255.255.255.255 10.10.1.37 2 1
255.255.255.255 255.255.255.255 192.168.10.2 192.168.10.2 1
Default Gateway: 192.168.10.2
==========================
==========
==========
==========
==========
=========
Persistent Routes:
None
My IpConfig:
Windows IP Configuration
Host Name . . . . . . . . . . . . : devwxpws140
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : css.net
Ethernet adapter WLAN IBM:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Intel(R) PRO/Wireless 3945ABG Network Connection
Physical Address. . . . . . . . . : 00-13-02-29-DC-F8
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 PL Network Connection
Physical Address. . . . . . . . . : 00-15-58-28-FC-C4
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.10.1.37
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.1.1
DHCP Server . . . . . . . . . . . : 10.10.1.1
DNS Servers . . . . . . . . . . . : 10.10.1.1
Lease Obtained. . . . . . . . . . : Montag, 01. Jänner 2007 13:00:54
Lease Expires . . . . . . . . . . : Dienstag, 02. Jänner 2007 01:00:54
PPP adapter CSS:
Connection-specific DNS Suffix . : css.net
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.2
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 192.168.10.2
DNS Servers . . . . . . . . . . . : 192.168.1.20
192.168.1.21
Primary WINS Server . . . . . . . : 192.168.1.20
Secondary WINS Server . . . . . . : 192.168.1.21
Answer : WinXP VPN connection - DNS queries are sent to wrong DNS server
A shot in the dark here, but perhaps the local machine does not know how to reach the remote machine where it is on a different subnet (assuming not a typo) 192.168.1.x
As a test once the VPN is connected, try adding the following route:
route add 192.168.1.0 mask 255.255.255.0 192.168.10.2
note: make sure 192.168.10.2 is the VPN/virtual adapter's IP. Change if not.
to delete the route:
route delete 192.168.1.0
if the above works, make sure the client has a static VPN IP, or a DHCP reservation, and make the route permanent:
route -p add 192.168.1.0 mask 255.255.255.0 192.168.10.2
You should also flush the cache
ipconfig /flushdns
You also should enable the "use default gateway option" on the VPN/virtual adapter, though it looks as if you have;
control panel | network connections | right click on the VPN/Virtual adapter and choose properties | Networking | TCP/IP -properties | Advanced | General | check "Use default gateway on remote network"
Random Solutions
list established tcp connections on remote server
Cisco BBSM, Aironet 1200, ACS
Replica problem - Master replica two weeks off RW replicas
Removing an Active Directory replication Partner
Permeant Dialup PPP Connection
Cisco Antenna - Troubleshooting
Outlook 2003 on Vista can receive but not send e-mail
Laptop WiFi problem with network connections
LINUX/UNIX %CPU and Memory via SNMP
Cisco LWAPP 1131 Default Password
