Dual homed 2003 - VPN/DNS issue

[Guest]

Hi

I have a Windows 2003 server with 2 NICs on the same subnet - 192.168.0.x.
One card is set up as the VPN and our external firewall passes all VPN
traffic thru to this interface (192.168.0.3). The other card is a standard
LAN connection and services all internal connections to the server
(192.168.0.2).

The problem I am having is that everything works fine for a while. Then,
with no errors in the event log, the server stops being able to resolve
external host names. The result is that you cannot browse the Internet from
the server (no problem) and that the server can no longer send email - as it
uses DNS to resolve the email addresses. Users can still access shares on the
server and print to networked printers.

I have discovered, using pathping, that the server is attempting to resolve
external addresses thru the VPN NIC (i.e. .3). As this is locked down for VPN
access responses are probably being discarded. If I then disable the VPN NIC
the system springs into life and starts resolving DNS thru the LAN NIC.

I have this working on other SBS 2003 servers, and had it working previously
on this server.

Suggestions, resources etc all very gratefully received.

 

[Barry]

Hi

I have a Windows 2003 server with 2 NICs on the same subnet - 192.168.0.x.
One card is set up as the VPN and our external firewall passes all VPN
traffic thru to this interface (192.168.0.3). The other card is a standard
LAN connection and services all internal connections to the server
(192.168.0.2).

The problem I am having is that everything works fine for a while. Then,
with no errors in the event log, the server stops being able to resolve
external host names. The result is that you cannot browse the Internet
from
the server (no problem) and that the server can no longer send email - as
it
uses DNS to resolve the email addresses. Users can still access shares on
the
server and print to networked printers.

I have discovered, using pathping, that the server is attempting to
resolve
external addresses thru the VPN NIC (i.e. .3). As this is locked down for
VPN
access responses are probably being discarded. If I then disable the VPN
NIC
the system springs into life and starts resolving DNS thru the LAN NIC.

I have this working on other SBS 2003 servers, and had it working
previously
on this server.

Suggestions, resources etc all very gratefully received.

can we get an ipconfig /all please

I suspect theres an issue with routing. What subnet is your LAN? Have you
given both your NICs a default gateway? There should only be one.

 

[Jetro]

Reorder Connections in the Network Connections menu Advanced/Advanced
Settings: move LAN connector all way up.

Consider placing VPN connection into separate subnet and do not register it
in DNS.

 

[Phillip Windell]

I have a Windows 2003 server with 2 NICs on the same subnet - 192.168.0.x.

You don't have a dual-homed machine,...you have a single-homed machine with
two Nics. The number of "homes" is determined by the number of subnets, not
the number of Nics.

You can't run both Nics on the same subnet. Take the Nic out,..run one
Subnet with *one* Nic.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------