VPN connection problem - No internet!

vasilis
Hello,

I have the following problem. I have a VPN set up so that I can connect to my office computer. This is set up so that internet traffic goes through my ISP, and not through the VPN (split tunneling).

The VPN is L2TP IPSec, with MS-CHAPv2 for authentication. The VPN server is running GNU/Debian 3.1.

The VPN server serves addresses from the PPP pool, and also serves the DNS address: The original setup was a local address, 10.255.255.253, but I changed this to the external DNS to see if it helps (with the problem below).

My computer runs XP Pro SP2.

The problem is, when I'm connected to the VPN, I can't connect to the internet by name (I can connect fine if I know the IP). In particular, http or ping packets go to the correct interface (Wireless or Ethernet, depending) but don't get resolved. In particular, it seems NBNS queries are generated instead of DNS queries. OTOH, nslookup works fine (when the DNS served by the VPN is the external DNS). Also, when I try to ping or http access by IP, there is no problem.

When the VPN serves as DNS the local DNS server, then all name queries were routed to that DNS server (thus failing for internet addresses.)

I used a sniffer to verify these.

A second computer, with Win 2K, connecting from the same network to the same VPN server, with (as far as I can tell) the same settings, doesn't display this problem.

I connect to the internet (and the VPN) either through a home network that has an ADSL router using NAT, or from an office port with fixed public IP. The problem is the same in both cases.

Thanks, sorry for the length.
  • +
    0 Votes
    georgeou

    Even if you're connected to VPN and you're using the internal DNS server, you should still be able to resolve external names. Either your internal DNS is allowed to permit full blown recursive lookups or your Internal DNS gets the info from the DNS server in the DMZ and then relays the info to you.

    +
    0 Votes
    vasilis

    Well, thanks for the reply, but it doesn't help much. Not only the internal DNS server didn't help, but changing it to the external one doesn't help either...

    +
    0 Votes
    Joop.Rodenburg

    I have the same problem, and was wondering whether someone gets around it.
    I was able to access my website from location X through a VPN-tunnel. I changed the address of the website internally and externally, and can ping the website by name internally, but cannot get it DNS-resolved internally. Very confusing, to be honest.

    Joop

    +
    0 Votes
    sirkong

    I had the same problem. This is my solution.
    Right click on the connection you created, Properties, go to networking tab, click on "Internet Protocol (TCP/IP)" and Properties button, Advanced button, uncheck "Use default gateway on remote network".

    That should solve the problem. Good luck!
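
Added example, not part of any poster's reply: a route-table check that shows which interface carries traffic to a given address, such as the DNS server 10.255.255.253 from the question, with and without a default route through the VPN. The two route tables are constructed, every address except 10.255.255.253 is made up, the function names are hypothetical, and the tables assume the "Use default gateway on remote network" checkbox adds a low-metric default route via the VPN interface.

```python
import ipaddress

# Constructed `route print` rows: destination, netmask, gateway, interface, metric.
# Only 10.255.255.253 (queried below) comes from the thread; the rest is sample data.
SPLIT_TUNNEL = """\
0.0.0.0          0.0.0.0        192.168.1.1    192.168.1.100   20
10.0.0.0         255.0.0.0      10.255.255.10  10.255.255.10   1
192.168.1.0      255.255.255.0  192.168.1.100  192.168.1.100   20
"""
FULL_TUNNEL = """\
0.0.0.0          0.0.0.0        192.168.1.1    192.168.1.100   21
0.0.0.0          0.0.0.0        10.255.255.10  10.255.255.10   1
10.0.0.0         255.0.0.0      10.255.255.10  10.255.255.10   1
192.168.1.0      255.255.255.0  192.168.1.100  192.168.1.100   20
"""

def parse_routes(text):
    """Return (network, gateway, interface, metric) for each five-column row."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # headers, separators and blank lines
        dest, mask, gateway, iface, metric = fields
        try:
            net = ipaddress.ip_network(f"{dest}/{mask}")
            routes.append((net, gateway, iface, int(metric)))
        except ValueError:
            continue  # a five-token line that is not a route row
    return routes

def egress_interface(routes, target):
    """Pick the most specific matching route; break ties on the lowest metric."""
    addr = ipaddress.ip_address(target)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None
    best = max(matches, key=lambda r: (r[0].prefixlen, -r[3]))
    return best[2]

def default_route_interfaces(routes):
    """List (metric, interface) for every 0.0.0.0/0 route, preferred one first."""
    return sorted((r[3], r[2]) for r in routes if r[0].prefixlen == 0)

if __name__ == "__main__":
    for name, table in (("split", SPLIT_TUNNEL), ("full", FULL_TUNNEL)):
        routes = parse_routes(table)
        for target in ("10.255.255.253", "198.51.100.53"):
            print(name, target, "->", egress_interface(routes, target))
```

To check a real machine, pass the text printed by `route print` to `parse_routes` in place of the constructed tables.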

    +
    0 Votes
    pazitp

    I found the "Internet Protocol (TCP/IP)" and went to Properties and then Advanced, but there is no "Use default gateway on remote network".

    +
    0 Votes
    stephen_stefan

    Your solution worked well to a point for me. I was logged in to my office remotely, t-shooting the VPN issue. I made your modification, connected and was still online with the office via VNC but no browsing. I went back into TCP Properties for the VPN connection, Advanced and then added my "Default Gateway" to the WINS and everything was mellow.

    +
    0 Votes
    sababou

    Thank you very much, it works fine.

    +
    0 Votes
    Nepster48

    Please follow the step 2 on your machine from the link below.

    http://support.microsoft.com/kb/317025
