I have the following problem. I have a VPN set up so that I can connect to my office computer. This is set up so that internet traffic goes through my ISP, and not through the VPN (split tunneling).
The VPN is L2TP IPSec, with MS-CHAPv2 for authentication. The VPN server is running GNU/Debian 3.1.
The VPN server serves addresses from the PPP pool, and also serves the DNS address. The original setup was a local address, 10.255.255.253, but I changed this to the external DNS to see if it helps (with the problem below).
My computer runs XP Pro SP2.
The problem is, when I'm connected to the VPN, I can't connect to the internet by name (I can connect fine if I know the IP). In particular, http or ping packets go to the correct interface (Wireless or Ethernet, depending) but don't get resolved. In particular, it seems NBNS queries are generated instead of DNS queries. OTOH, nslookup works fine (when the DNS served by the VPN is the external DNS). Also, when I try to ping or http access by IP, there is no problem.
When the VPN served the local DNS server as the DNS, all name queries were routed to that DNS server (thus failing for internet addresses).
I used a sniffer to verify these.
A second computer, with Win 2K, connecting from the same network to the same VPN server, with (as far as I can tell) the same settings, doesn't display this problem.
I connect to the internet (and the VPN) either through a home network that has an ADSL router using NAT, or from an office port with fixed public IP. The problem is the same in both cases.
Thanks, sorry for the length.
If your DNS is working right, it should not matter
Even if you're connected to the VPN and you're using the internal DNS server, you should still be able to resolve external names. Either your internal DNS is allowed to permit full-blown recursive lookups, or your internal DNS gets the info from the DNS server in the DMZ and then relays the info to you.
23rd Feb 2007
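
Whether the DNS server handed out by the VPN recurses for external names, as the reply says it should, can be read from the header of its reply (the RA flag and the response code). The following is an added example, not code from the thread: the function names are hypothetical and the sample replies are constructed, so it runs offline; `ask()` shows how the same check would be sent to a real server.

```python
import socket
import struct

QR, RD, RA = 0x8000, 0x0100, 0x0080  # DNS header flag bits (RFC 1035)
RCODES = {2: "servfail", 3: "nxdomain", 5: "refused"}

def build_query(name, txid=0x1234):
    """A-record query with Recursion Desired set, as a stub resolver sends it."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, RD, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def classify_response(query, response):
    """Say how the server treated a recursive query for an external name."""
    if len(response) < 12:
        return "malformed"
    txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if txid != struct.unpack("!H", query[:2])[0] or not flags & QR:
        return "mismatch"
    rcode = flags & 0x000F
    if rcode in RCODES:
        return RCODES[rcode]
    if rcode == 0 and ancount > 0:
        return "resolved"
    # No answer: without RA the server only knows its own zones.
    return "empty" if flags & RA else "no-recursion"

def ask(server, name, timeout=3.0):
    """Send the query to a real server over UDP port 53 (not used by the samples)."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        return classify_response(query, s.recv(512))

def sample_response(query, flags, answer=b""):
    """Constructed reply: echo the question, set flags, optionally add one answer."""
    ancount = 1 if answer else 0
    return query[:2] + struct.pack("!HHHHH", flags, 1, ancount, 0, 0) + query[12:] + answer

# Constructed A record: name pointer to offset 12, TTL 60, address 192.0.2.1
A_RECORD = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1])

if __name__ == "__main__":
    q = build_query("www.example.com")
    print(classify_response(q, sample_response(q, QR | RD | RA, A_RECORD)))
    print(classify_response(q, sample_response(q, QR | RD)))
    print(classify_response(q, sample_response(q, QR | RD | 5)))
```

A result of `no-recursion` or `refused` for an external name from the VPN-served resolver means that server neither recurses nor forwards, which matches the failure described when the local DNS address was handed out.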