SonicWall VPN DNS refresh problems

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Hi,

First please do not reply to this email address as it no longer
exists, just post back to the newsgroup.

I have a problem with this VPN configuration:
- We have a SonicWall 230 Pro
- We use the SonicWall Global VPN Client on our home Windows XP
computers
- When connected the SonicWall network adapter does show up as being
properly configured; meaning it has a valid IP and its DNS server
entries are also properly configured. I am also able to ping the DNS
servers from the VPN connection.

The problem is the following: when we connect to the VPN to access our
office network the DNS cached entries are never refreshed when we
connect. So when ever a computer ends its IP lease from our DHCP the
home computer will not know about it. So trying to access a computer X
which had the IP 192.168.1.100 but with its new lease got the IP
192.168.1.110 will not work, pinging the computer X will comeback as
unreachable from IP 192.168.1.100 when in fact its IP changed.

Now if I do a "ipconfig /flushdns" and "ipconfig /registerdns" all the
DNS entries from our DNS server are refresh and I can now access X,
but asking all my users to do the same is a bit of a problem.

Any ideas how to resolve this??

Thanks

Patrick Moreau

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

On 20 Apr 2004 09:55:38 -0700, Patrick Moreau spoketh

>Hi,
>
>First please do not reply to this email address as it no longer
>exists, just post back to the newsgroup.
>
>I have a problem with this VPN configuration:
>- We have a SonicWall 230 Pro
>- We use the SonicWall Global VPN Client on our home Windows XP
>computers
>- When connected the SonicWall network adapter does show up as being
>properly configured; meaning it has a valid IP and its DNS server
>entries are also properly configured. I am also able to ping the DNS
>servers from the VPN connection.
>
>The problem is the following: when we connect to the VPN to access our
>office network the DNS cached entries are never refreshed when we
>connect. So when ever a computer ends its IP lease from our DHCP the
>home computer will not know about it. So trying to access a computer X
>which had the IP 192.168.1.100 but with its new lease got the IP
>192.168.1.110 will not work, pinging the computer X will comeback as
>unreachable from IP 192.168.1.100 when in fact its IP changed.
>
>Now if I do a "ipconfig /flushdns" and "ipconfig /registerdns" all the
>DNS entries from our DNS server are refresh and I can now access X,
>but asking all my users to do the same is a bit of a problem.
>
>Any ideas how to resolve this??
>
>Thanks
>
>Patrick Moreau

Disable the DNS client service on the computer in question. That'll
prevent it from caching DNS entries locally, and ask the DNS server for
every name it needs to resolve.


Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Thanks for the response but unfortunatly it does not work as, as soon
as I stop the service I could no longer access any internet resources;
thus not being able to connect to my VPN box.

Any other thoughs??

Lars M. Hansen <badnews@hansenonline.net> wrote in message news:<sl0b80d7l58p74kgsr8m6afmvtrlb3m8tt@4ax.com>...
> On 20 Apr 2004 09:55:38 -0700, Patrick Moreau spoketh
>
> >Hi,
> >
> >First please do not reply to this email address as it no longer
> >exists, just post back to the newsgroup.
> >
> >I have a problem with this VPN configuration:
> >- We have a SonicWall 230 Pro
> >- We use the SonicWall Global VPN Client on our home Windows XP
> >computers
> >- When connected the SonicWall network adapter does show up as being
> >properly configured; meaning it has a valid IP and its DNS server
> >entries are also properly configured. I am also able to ping the DNS
> >servers from the VPN connection.
> >
> >The problem is the following: when we connect to the VPN to access our
> >office network the DNS cached entries are never refreshed when we
> >connect. So when ever a computer ends its IP lease from our DHCP the
> >home computer will not know about it. So trying to access a computer X
> >which had the IP 192.168.1.100 but with its new lease got the IP
> >192.168.1.110 will not work, pinging the computer X will comeback as
> >unreachable from IP 192.168.1.100 when in fact its IP changed.
> >
> >Now if I do a "ipconfig /flushdns" and "ipconfig /registerdns" all the
> >DNS entries from our DNS server are refresh and I can now access X,
> >but asking all my users to do the same is a bit of a problem.
> >
> >Any ideas how to resolve this??
> >
> >Thanks
> >
> >Patrick Moreau
>
> Disable the DNS client service on the computer in question. That'll
> prevent it from caching DNS entries locally, and ask the DNS server for
> every name it needs to resolve.
>
>
> Lars M. Hansen
> http://www.hansenonline.net
> (replace 'badnews' with 'news' in e-mail address)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

On 22 Apr 2004 12:27:32 -0700, Patrick Moreau spoketh

>Thanks for the response but unfortunatly it does not work as, as soon
>as I stop the service I could no longer access any internet resources;
>thus not being able to connect to my VPN box.
>
>Any other thoughs??
>

DNS should work fine without the "DNS client" service running. If you
are unable to do any name resolutions after shutting this service down,
then you need to look at how DNS is supposed to work on your system. Use
nslookup to see what the DNS server are, and if it'll actually resolve
any names...


Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

On 22 Apr 2004 12:27:32 -0700, Patrick Moreau spoketh

>Thanks for the response but unfortunatly it does not work as, as soon
>as I stop the service I could no longer access any internet resources;
>thus not being able to connect to my VPN box.
>

See if this works for you:

http://support.microsoft.com/default.aspx?scid=kb;en-us;318803

Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Lars M. Hansen <badnews@hansenonline.net> wrote in message news:<smig80tkkg82o8i81h7bpsflu7k358h6dl@4ax.com>...
> On 22 Apr 2004 12:27:32 -0700, Patrick Moreau spoketh
>
> >Thanks for the response but unfortunatly it does not work as, as soon
> >as I stop the service I could no longer access any internet resources;
> >thus not being able to connect to my VPN box.
> >
>
> See if this works for you:
>
> http://support.microsoft.com/default.aspx?scid=kb;en-us;318803
>
> Lars M. Hansen
> http://www.hansenonline.net
> (replace 'badnews' with 'news' in e-mail address)

I will try this and let you know.

Thanks alot for your help!!

Patrick Moreau