[Vpn-help] 1.1.0 observation (bug? Maybe)
Matthew Grooms
mgrooms at shrew.net
Fri Oct 6 11:52:02 CDT 2006
Peter Eisch wrote:
>
> Ok, back with these considerations some requests still leak back to the
> LAN's DNS server. I unchecked the related checkboxes for the "Enable Split
> DNS" and did the /flushdns a noted. Attached is the log, the config, and
> the tcpdump of the requests that came out. In this trace the queries to the
> VPNs nameserver would have allowed it to talk to the domain controller's DNS
> server (10.1.100.126). When she dribbles out to the Internet nameserver
> (204.130.132.3) for merom.VSI it totally loses it's association to the
> domain. It would be good for this to never happen.
Peter,
I need to request two pieces of data to try and track this problem
down. Would it be possible for you send me a full packet capture of the
DNS traffic going to the local adapter DNS server and the tunnel adapter
DNS server? You should be obtainable using ethereal and the second using
tcpdump on an interface between the VPN gateway and the domain
controller DNS server. Please limit the second capture to only DNS
traffic between the server and the client being tested. It would also be
very good to see another full ipconfig /all from the client machine
while the tunnel is still up.
I wanted to offer another case where it may be valid to see traffic
being posed to the local DNS server. Looking at your previous ipconfig
output, windows may be appending 'etude.com' to the DNS question in an
attempt to resolve host names that may not be fully qualified. There are
a lot of options for appending DNS suffixes in windows and I can't
recall every test I ran in every scenario. If nothing else, the packet
captures should give us more definitive evidence to work with.
Thanks in advance,
-Matthew
More information about the vpn-help
mailing list