• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

dns issues?

fimchick

OSNN Senior Addict
#1
hi folks,

i have a very odd problem -- some, not all, of my users can't resolve our server hostnames when they get on the vpn. however, they can get to the server by ip without a problem. using a FQDN doesn't help either, only ip works.

why is it that only some users have this issue and not others? has anyone experienced this kind of problem before?


thanks!!
 
#2
is it a properly listed domain name or one you created for the network? Do the VPN clients have your DNS server listed when they connect?
 

kcnychief

█▄█ ▀█▄ █
Political User
#3
fimchick said:
hi folks,

i have a very odd problem -- some, not all, of my users can't resolve our server hostnames when they get on the vpn. however, they can get to the server by ip without a problem. using a FQDN doesn't help either, only ip works.

why is it that only some users have this issue and not others? has anyone experienced this kind of problem before?


thanks!!
Does FQDN work for the users who CAN resolve the server DNS name?

I would suggest looking at the DHCP server on the RRAS side. I would look to see what address ranges those who are having problems are falling in, versus the users who aren't having problems. Does it happen at the same time of day? Can some people get on, and others can't, at the same time of the day?

Do you have pre-configured VPN clients installed on these machines? It is also possible that the users who can't connect aren't obtaining a valid internal IP, and are still using the IP from their ISP wherever they are.
 

fimchick

OSNN Senior Addict
#4
hmm, not sure what you mean by this:

Geffy said:
is it a properly listed domain name or one you created for the network?
when i do an nslookup on the clients when they're on the vpn, i can see our dns server listed.
 

fimchick

OSNN Senior Addict
#5
wwwdjrcs said:
Does FQDN work for the users who CAN resolve the server DNS name?

I would suggest looking at the DHCP server on the RRAS side. I would look to see what address ranges those who are having problems are falling in, versus the users who aren't having problems. Does it happen at the same time of day? Can some people get on, and others can't, at the same time of the day?

Do you have pre-configured VPN clients installed on these machines? It is also possible that the users who can't connect aren't obtaining a valid internal IP, and are still using the IP from their ISP wherever they are.
Hmm, I will check the DHCP settings. I don't think it's the client VPN problem, we're just using windows VPN to connect. very simple, nothing fancy or exotic.

Thanks for the replies guys!
 

kcnychief

█▄█ ▀█▄ █
Political User
#6
fimchick said:
Hmm, I will check the DHCP settings. I don't think it's the client VPN problem, we're just using windows VPN to connect. very simple, nothing fancy or exotic.

Thanks for the replies guys!
I don't have anything in front of me, but the reason I brought up the client is because you can configure where to obtain an IP address from. You want to ensure that when they connect, they are grabbing an internal IP, as well as full network information (including DNS). If they are using their own ISP, they won't be able to resolve your server names because the server is internal to your network.

As an addendum to my DHCP server comment, the more I think about it, I would doubt the users that cannot connect will be logged in there, indicating they are not pulling an address.
 

Mainframeguy

Debiant by way of Ubuntu
#7
I think it very likely IS a clientside issue - as someone who uses VPN at least five times a week in exactly the manner described for my livelihood I have come acorss this myself.

Firstly I assume domain name propagation is simply a non-issue here?

Then secondly I would advise all clients (hope it is not too many, and that they know how to do this readily!) to add your DNS server to the mix. Then post back if any problem remains.... Fact is there have been a few other issues in this arena - one other thing to make mandatory is that they are all SP2, but I am taking that as a given.
 

fimchick

OSNN Senior Addict
#8
Mainframeguy said:
I think it very likely IS a clientside issue - as someone who uses VPN at least five times a week in exactly the manner described for my livelihood I have come acorss this myself.

Firstly I assume domain name propagation is simply a non-issue here?

Then secondly I would advise all clients (hope it is not too many, and that they know how to do this readily!) to add your DNS server to the mix. Then post back if any problem remains.... Fact is there have been a few other issues in this arena - one other thing to make mandatory is that they are all SP2, but I am taking that as a given.
You are correct, they are all running SP2. What do you mean by "adding the DNS server to the mix"?
 

Mainframeguy

Debiant by way of Ubuntu
#9
OK I shall assume you know exactly where my shorthand takes you -

VPN connection --> Properties --> TCP/IP ---> Advanced ---> Add other DNS server.

This to be done for all clients - adding YOUR DNS servers IP address.

hope that all makes sense, I expect it will, since you seem to know what I am talking about...
 

kcnychief

█▄█ ▀█▄ █
Political User
#10
MFG, that is more what I had inquired to pre-configure and deploy VPN client configurations. Otherwise, if your tip corrects it, it will have to be done manually on each client laptop.
 

fimchick

OSNN Senior Addict
#11
Mainframeguy said:
OK I shall assume you know exactly where my shorthand takes you -

VPN connection --> Properties --> TCP/IP ---> Advanced ---> Add other DNS server.

This to be done for all clients - adding YOUR DNS servers IP address.

hope that all makes sense, I expect it will, since you seem to know what I am talking about...
Roger dodger! I gotcha now. I'll check and post back here! Thanks guys!
 

fimchick

OSNN Senior Addict
#15
Hehehe, I try not to forget posting back the results :)

I've tested this on my machine and it seems to be working, but trying to get in touch with the other users can be a pain in the a$$ (they're remote and once you just give them the server ip and they can hit the server, they're no longer as willing to help and try to work out the issues. you know how that goes...).

Will post an update soon (hopefully) :)
 

Members online

No members online now.

Latest posts

Latest profile posts

Perris Calderon wrote on Electronic Punk's profile.
Ep, glad to see you come back and tidy up...did want to ask a one day favor, I want to enhance my resume , was hoping you could make me administrator for a day, if so, take me right off since I won't be here to do anything, and don't know the slightest about the board, but it would be nice putting "served administrator osnn", if can do, THANKS

Been running around Quora lately, luv it there https://tinyurl.com/ycpxl
Electronic Punk wrote on Perris Calderon's profile.
All good still mate?
Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,962
Messages
673,240
Members
89,018
Latest member
timpage