[Vpn-help] Iked.exe dies

Harondel J. Sibble help at pdscc.com
Thu Oct 25 11:12:17 CDT 2007 


On 24 Oct 2007 at 11:30, Matthew Grooms wrote:

> > Also, we consistently get a behavior where the VPN needs to be up
> for 9-11 > minutes before it starts "working."  The issue isn't in

> and general Internet browsing mostly works (caching behavior doesn't >
> seem to happen) but Outlook literally sits at "Trying to connect..."
> [to > exchange] through this duration.  Even if it's quit before the
> VPN is > launched.  This leads me to think that there might be some
> sort of WINS > cache or something that needs to get poked when
> connected and disconnected. > What too is odd is that from a cmd prompt
> the public addresses are used if > you try to ping these domain systems.
>  Again, non-domain systems tend to > respond properly. 


Hmm, I've not seen the exact problem you're having peter but here are a 
couple of things you might try....

1) once VPN is up from a command prompt run "ipconfig /flushdns"
2) Explicitly set the wins server that outlook should check in the network 
properities for your nic or set this in the Shrew Client (dunno if that's 
possible as I haven't used the windows client yet)
3) rereading the last section above, let me put this in my own words, you 
have a user in say Vancouver at the Marriot hotel with internet access from 
their room, your office is in say Calgary.  They can surf the net fine, they 
then bring up the vpn connection and can't get to the exchange server on your 
end for whatever period of time, if they then go to the cli and try to ping 
(or nslookup) servers at the Calgary office, they get a response from the 
Hotel's DNS server rather than your internal AD dns server which _should_ 
point them to the correct exchange server address. Is that correct?   Also 
for the remote vpn user, is the client setup for dhcp over ipsec, mode config 
or manually configured for ip, dns et al?  I've solved this specific problem 
when using dhcp over ipsec by manually entering the dns and wins servers into 
the Forticlients Virtual Adaptor nic settings.  I've seen this problem happen 
maybe 4 times in the past 2 years, once with a client in Vietnam, one in Abu 
Dabi and one down in Vegas.

Hope that helps you some.

If so I have seen this problem with the forticlient (commercial vpn client), 
the solution is to add the dns server

-- 
Harondel J. Sibble 
Sibble Computer Consulting
Creating solutions for the small business and home computer user.
help at pdscc.com (use pgp keyid 0x3AD5C11D) http://www.pdscc.com
(604) 739-3709 (voice/fax)      (604) 686-2253 (pager)

More information about the vpn-help mailing list