# DNS Resolving thru VPN (AventaiL)



## jagsrao (Aug 25, 2008)

Hi,

My VPN users complain that they cannot access the intranet. On close scrutiny, I found that VPN is not able to resolve the DNS name from name to IP and hence the error. 
How can we correct this error ?

Thanks

Regards

Jagdish


----------



## networkprosourc (Aug 25, 2008)

Jagdish,

We had this problem for a while, until we started setting the DNS entries in the VPN connections to static instead of DHCP obtained. I also found that I could set our company DNS server (win2003server) IP address as the primary DNS on the NIC, and a public DNS server as the secondary. That way, if the laptop user is not connected to our network, the DNS request will fall back to the secondary server. But if he IS connected to the VPN, and he pings win2003server, or opens Outlook where the Exchange Server is set to "exchange2007", the DNS is resolved instantly. The drawback to this is that we have to enable recursion on our DNS at work, because once the VPN users start to look up DNS entries on the local network, XP on their laptops assumes that all DNS will come from the dns server at work. But since our DNS server does not respond to requests off-network, that isn't a big issue for us (very little worry about cache poisoning this way).

If recursion is not enabled (or you don't setup any forwarders), then once they connect to the VPN, they can't get to the internet on their laptop. You can change the VPN to use the default gateway on remote network, but that passes WAY too much traffic across the VPN. I just set the DNS statically, and it works like a charm.

Tom


----------



## jagsrao (Aug 25, 2008)

Thanks for the reply.

On the VPN, we do have the primary DNS configured to the DNS Server on the LAN which is also the domain server. The secondary DNS is again configured to a DNS server on the LAN. 

So, as per your comment, we do need to change the secondary DNS. Correct me if I have understood it wrong.

I have a doubt. The laptop is connected to a public network, and the dns and ip is set to dynamically. However the IP provided by vpn is static. So, will the DNS server settings be overridden in this case ?

Thanks

Jagdish


----------

