D
Dustin
Here is a little background:
PPTP VPN from Windows XP clients via a Cisco PIX 515E firewall
PIX assigns IP and DNS information
Domain suffix is manually configured in the VPN CONNECTOID
The Issue:
Up until this past week, our VPN has worked great. We made no changes
to the configuration of the firewall. This week, my users can not
access resources, via name, when connected to the VPN. They can
access the resources by IP address. I investigated further and found
that the DNS queries are being sent to their ISP's DNS servers, and
not the DNS server on our LAN.
No matter what I do, short of completely removing the ISP's DNS
settings, can I get it to search the DNS Server on our LAN first. The
only way that a query will move the the next DNS servers is if it
cannot contact the first server at all.
It seems that something has changed in Windows (at least XP) that does
not allow it to update the DNS Search order in memory. Maybe it was
one of the updates? Or... maybe it is a virus (I do not believe this
though, as we stay current with Windows Updates and Anti-virus
software).
Also, I tested this from my home computer, and it fails the same way
(but I am using the RC1 of SP2).
I appreciate all help, but please do not just to conclusion without
thoroughly understanding the issue (I have seen many times when people
do not read the entire post).
Thanks in advance,
Dustin A. Dortch
Network+, MCSA/MCSE W2K
PPTP VPN from Windows XP clients via a Cisco PIX 515E firewall
PIX assigns IP and DNS information
Domain suffix is manually configured in the VPN CONNECTOID
The Issue:
Up until this past week, our VPN has worked great. We made no changes
to the configuration of the firewall. This week, my users can not
access resources, via name, when connected to the VPN. They can
access the resources by IP address. I investigated further and found
that the DNS queries are being sent to their ISP's DNS servers, and
not the DNS server on our LAN.
No matter what I do, short of completely removing the ISP's DNS
settings, can I get it to search the DNS Server on our LAN first. The
only way that a query will move the the next DNS servers is if it
cannot contact the first server at all.
It seems that something has changed in Windows (at least XP) that does
not allow it to update the DNS Search order in memory. Maybe it was
one of the updates? Or... maybe it is a virus (I do not believe this
though, as we stay current with Windows Updates and Anti-virus
software).
Also, I tested this from my home computer, and it fails the same way
(but I am using the RC1 of SP2).
I appreciate all help, but please do not just to conclusion without
thoroughly understanding the issue (I have seen many times when people
do not read the entire post).
Thanks in advance,
Dustin A. Dortch
Network+, MCSA/MCSE W2K