[Vpn-help] 1.1.0 observation (bug? Maybe)

Matthew Grooms mgrooms at shrew.net
Fri Oct 6 11:52:02 CDT 2006

Peter Eisch wrote:
> Ok, back with these considerations some requests still leak back to the
> LAN's DNS server.  I unchecked the related checkboxes for the "Enable Split
> DNS" and did the /flushdns a noted.  Attached is the log, the config, and
> the tcpdump of the requests that came out.  In this trace the queries to the
> VPNs nameserver would have allowed it to talk to the domain controller's DNS
> server (  When she dribbles out to the Internet nameserver
> ( for merom.VSI it totally loses it's association to the
> domain.  It would be good for this to never happen.


	I need to request two pieces of data to try and track this problem 
down. Would it be possible for you send me a full packet capture of the 
DNS traffic going to the local adapter DNS server and the tunnel adapter 
DNS server? You should be obtainable using ethereal and the second using 
tcpdump on an interface between the VPN gateway and the domain 
controller DNS server. Please limit the second capture to only DNS 
traffic between the server and the client being tested. It would also be 
very good to see another full ipconfig /all from the client machine 
while the tunnel is still up.

	I wanted to offer another case where it may be valid to see traffic 
being posed to the local DNS server. Looking at your previous ipconfig 
output, windows may be appending 'etude.com' to the DNS question in an 
attempt to resolve host names that may not be fully qualified. There are 
a lot of options for appending DNS suffixes in windows and I can't 
recall every test I ran in every scenario. If nothing else, the packet 
captures should give us more definitive evidence to work with.

Thanks in advance,


More information about the vpn-help mailing list