dns issues?

Discussion in 'Windows Desktop Systems' started by fimchick, Feb 15, 2006.

  1. fimchick

    fimchick OSNN Senior Addict

    Messages:
    276
    Location:
    Somewhere
    hi folks,

    i have a very odd problem -- some, not all, of my users can't resolve our server hostnames when they get on the vpn. however, they can get to the server by ip without a problem. using a FQDN doesn't help either, only ip works.

    why is it that only some users have this issue and not others? has anyone experienced this kind of problem before?


    thanks!!
     
  2. Geffy

    Geffy Moderator Folding Team

    Messages:
    7,805
    Location:
    United Kingdom
    is it a properly listed domain name or one you created for the network? Do the VPN clients have your DNS server listed when they connect?
     
  3. kcnychief

    kcnychief █▄█ ▀█▄ █ Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    Does FQDN work for the users who CAN resolve the server DNS name?

    I would suggest looking at the DHCP server on the RRAS side. I would look to see what address ranges those who are having problems are falling in, versus the users who aren't having problems. Does it happen at the same time of day? Can some people get on, and others can't, at the same time of the day?

    Do you have pre-configured VPN clients installed on these machines? It is also possible that the users who can't connect aren't obtaining a valid internal IP, and are still using the IP from their ISP wherever they are.
     
  4. fimchick

    fimchick OSNN Senior Addict

    Messages:
    276
    Location:
    Somewhere
    hmm, not sure what you mean by this:

    when i do an nslookup on the clients when they're on the vpn, i can see our dns server listed.
     
  5. fimchick

    fimchick OSNN Senior Addict

    Messages:
    276
    Location:
    Somewhere
    Hmm, I will check the DHCP settings. I don't think it's the client VPN problem, we're just using windows VPN to connect. very simple, nothing fancy or exotic.

    Thanks for the replies guys!
     
  6. kcnychief

    kcnychief █▄█ ▀█▄ █ Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    I don't have anything in front of me, but the reason I brought up the client is because you can configure where to obtain an IP address from. You want to ensure that when they connect, they are grabbing an internal IP, as well as full network information (including DNS). If they are using their own ISP, they won't be able to resolve your server names because the server is internal to your network.

    As an addendum to my DHCP server comment, the more I think about it, I would doubt the users that cannot connect will be logged in there, indicating they are not pulling an address.
     
  7. Mainframeguy

    Mainframeguy Debiant by way of Ubuntu Folding Team

    Messages:
    3,763
    Location:
    London, UK
    I think it very likely IS a clientside issue - as someone who uses VPN at least five times a week in exactly the manner described for my livelihood I have come acorss this myself.

    Firstly I assume domain name propagation is simply a non-issue here?

    Then secondly I would advise all clients (hope it is not too many, and that they know how to do this readily!) to add your DNS server to the mix. Then post back if any problem remains.... Fact is there have been a few other issues in this arena - one other thing to make mandatory is that they are all SP2, but I am taking that as a given.
     
  8. fimchick

    fimchick OSNN Senior Addict

    Messages:
    276
    Location:
    Somewhere
    You are correct, they are all running SP2. What do you mean by "adding the DNS server to the mix"?
     
  9. Mainframeguy

    Mainframeguy Debiant by way of Ubuntu Folding Team

    Messages:
    3,763
    Location:
    London, UK
    OK I shall assume you know exactly where my shorthand takes you -

    VPN connection --> Properties --> TCP/IP ---> Advanced ---> Add other DNS server.

    This to be done for all clients - adding YOUR DNS servers IP address.

    hope that all makes sense, I expect it will, since you seem to know what I am talking about...
     
    fimchick likes this.
  10. kcnychief

    kcnychief █▄█ ▀█▄ █ Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    MFG, that is more what I had inquired to pre-configure and deploy VPN client configurations. Otherwise, if your tip corrects it, it will have to be done manually on each client laptop.
     
  11. fimchick

    fimchick OSNN Senior Addict

    Messages:
    276
    Location:
    Somewhere
    Roger dodger! I gotcha now. I'll check and post back here! Thanks guys!
     
  12. Mainframeguy

    Mainframeguy Debiant by way of Ubuntu Folding Team

    Messages:
    3,763
    Location:
    London, UK
    /me awaits post back.... All sorted now? When there is no postback I tend to assume that, but it ain't necessarily so.....
     
  13. kcnychief

    kcnychief █▄█ ▀█▄ █ Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    Yeah I'm curious too, what happened ? :)
     
  14. LordOfLA

    LordOfLA Godlike!

    Messages:
    7,027
    Location:
    Maidenhead, Berkshire, UK
    the cat's down to 6 lives now :)
     
  15. fimchick

    fimchick OSNN Senior Addict

    Messages:
    276
    Location:
    Somewhere
    Hehehe, I try not to forget posting back the results :)

    I've tested this on my machine and it seems to be working, but trying to get in touch with the other users can be a pain in the a$$ (they're remote and once you just give them the server ip and they can hit the server, they're no longer as willing to help and try to work out the issues. you know how that goes...).

    Will post an update soon (hopefully) :)
     
  16. kcnychief

    kcnychief █▄█ ▀█▄ █ Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    What fixes did you implement on your test machine?