Using CMAK for VPN Connectoid

Discussion in 'DNS Server' started by RJ, Apr 28, 2004.

  1. RJ

    RJ Guest

    Okay, we've had issues using VPN connection to resolve names internally at
    work. We are AD Windows 2000 with only DNS. If we ping my hostnames, it
    does not work - if we use DNS (FQDN) - it works.

    Now to work around this, I created a VPN connectoid that had the DNS entry
    (IP Address) using the CMAK. When it connects within the first 5-10
    seconds, it has the right VPN connectiod settings I had. After that, I run
    ipconfig /all again then my DNS entries has changed - like my VPN settings I
    entered for the connectiod (created by CMAK) just was wiped out by the entry
    from VPN server (whatever it hands out).


    How do I prevent the VPN connectiod setting static - to not change from my

    Also, my VPN is giving out the ISP DNS first when it should be giving out
    our company DNS (order in IPCONFIG /aLL)

    Anyone have any suggestions or wisdom they can bestow?

    RJ, Apr 28, 2004
    1. Advertisements

  2. RJ

    Chriss3 Guest

    Do not use the VPN as default gateway (Setting in the TCP/IP -> Advanced of
    the VPN Client) , You can edit the applied TCP/IP Settings in the DHCP
    Chriss3, Apr 28, 2004
    1. Advertisements

  3. RJ

    RJ Guest

    Chriss3 - would you mind elaborating on this please - thx.
    RJ, Apr 28, 2004
  4. RJ

    Bill Grant Guest

    If a ping by FQDN succeeds, then your client must be able to find and use
    your DNS correctly. If a ping by hostname fails, the problem is probably in
    the DNS suffix entry on the client. If this is set correctly, the request
    sent to the DNS server will be identical to the request sent for the FQDN.
    Bill Grant, Apr 29, 2004
  5. In

    Also to add, VPNs and AD are problematic and a known issue. The best route
    to overcome this (mentioned by many in these newsgroups) is to use a HOSTS
    file on the clients with the necessary internal resources (such as your
    DC/GCs, printers, etc) they need to connect to and authenticate to.


    Please direct all replies to the newsgroup so all can benefit.
    This posting is provided "AS-IS" with no warranties and confers no

    Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
    Microsoft Windows MVP - Active Directory

    HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
    pig. --
    Ace Fekay [MVP], Apr 29, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.