posted
For some time on my work computer, on which I almost constantly use VPN, often when I will try to access various web apps on the company network I would instead get redirected to the OpenDNS site, telling me it could not find the domain and did I mean this, that or the other.
I found that stopping/starting my VPN client would typically clear this up. Finally took the time to open a ticket with our IT and they tweaked something I was never really aware of. They went to Network Connections > Advanced Settings > Adapters and Bindings and changed the order of the connections so that VPN was first, Local Network Connection was second, followed by everything else, like 1394 Connection, Bluetooth, VMware Connections...
They were confident this would solve the problem, as well as similar issues I would see with Lotus Notes not being able to find my servers for replication. So far seems to be working...
posted
The other way to solve that is to make sure your company DNS servers are listed first when using a VPN connection. The downside to what they did was that ALL your traffic will go through the VPN pipe, instead of just that going to your company net.
joe
-------------------- Cradlepoint MBR95, Sierra USB-250U (Sprint WiMax) 2008 Newmar King Aire 4562, 2012 Jeep Liberty Limited Jet We're here! Posts: 683 | Registered: Nov 2007
| IP: Logged |
posted
If the IpSec VPN function is handled by your router, then, depending on the capabilities of the router, SPLIT DNS can be used. Here is an excerpt from the manual of my Cisco Small Business (LinkSys) router:
quote: Split DNS feature in IPSec is provided for the environment which the DNS Server is in the remote security subnet. Because the DNS server in the Internet does not have any way to know the Intranet domain, DNS client can only retrieve the DNS IP by setting Split DNS in IPSec. When the router receives an address resolution request from the client, it inspects the domain name. If the domain name matches the domain name set in Split DNS, the router will proxy the client's request to the Primary/Secondary DNS server through IPSec. If the domain name does not match the domain name set in Split DNS, the router will proxy its request to Primary/Secondary DNS server which is set up in the internet.
The RV082 can do it while the RV042 will not. This is a very cool feature. It becomes more critical when we have many VPNs all connected at once, each with its own DNS to resolve host names at that location. john
posted
Darn. Yes, this seemed too easy. Definitely don't want all traffic going through VPN... Yes, when I opened the ticket, I had asked them for preferred DNS servers, but this is what they did instead. Thanks for the tips. I can barely here all this stuff whizzing just over my head! ;-)
UBBFriend: Email this page to someone!
Printer-friendly view of this topic
