[pptp-server] Internal DNS server blues

Tim Canfield canfieldtim at yahoo.com
Sat Feb 24 02:29:33 CST 2001


Has anyone been able to get ms-wins and ms-dns to work with Windows 2000 SP1 as
the client.  It works on my 98 client, but 2000 seems to ignore those settings.

Thanks,
Tim

--- "Cowles, Steve" <Steve at SteveCowles.com> wrote:
> > -----Original Message-----
> > From: David LANDGREN [mailto:dlandgre at bpinet.com]
> > Sent: Wednesday, February 21, 2001 10:07 AM
> > To: pptp-server at lists.schulte.org
> > Subject: [pptp-server] Internal DNS server blues
> > 
> > 
> > All is well and good, however...
> > 
> > The clients initially dial up via modem, and the connection 
> > to the initial ISP negotiates two public DNS servers,
> > 194.x.y.z whatever. On successfully connecting to the ISP,
> > the client then connects through MS VPN to my private network.
> > At this point things get rather bizarre. 
> > What happens is the addresses of my two internal DNS servers,
> > rather than replacing the two public addresses, get tacked
> > onto the end. So when I run winipcfg on the ppp interface on
> > the client, I get four separate DNS addresses, my two coming
> > after the first two.
> 
> This is not as bizarre as it may seem. This is normal TCP/IP -> Resolver Lib
> interaction. i.e. DNS servers are global settings, not per connection
> profile. 
> 
> I agree though, I would like to see Microsoft change the "order" of the DNS
> servers shown when using "winipcfg" after a VPN connection is established
> and then revert back when the VPN is terminated. Based on my results though,
> I think Microsoft is changing the order internally. Unfortunately, my
> Win98Me based laptop does not have nslookup, so a can't really verify what
> server is actually being queried after the VPN is established. i.e. nslookup
> -debug www.mydomain.com
> 
> > 
> > What this means is that the client is unable to resolve the
> > name of anything inside my network. What I really want to do
> > is to wipe out the initial DNS addresses that were given
> > during the initial dial-up and replace them with my internal
> > addresses. Because in any event, if my internal DNS servers
> > can't resolve an address (because its an outside machine),
> > they will forward the request onto those two public DNS
> > servers anyway.
> > 
> > Does anyone have this setup ?
> 
> I have the exact same setup. I run internal DNS servers which return private
> addresses for ftp,www,mail, etc... on my local network and then forward all
> other requests for everything else outside.  
> 
> I'm not seeing the same results as you. So I don't know if I can offer any
> pointers except to verify that what you are describing in your post...
> should work as you have stated. (see below) In fact, my VPN connection would
> be allmost useless if my internal DNS servers did not return the private ip
> addresses. 
> 
> NOTE: For the purpose of this post, I have changed my real domain name to
> "mydomain.com" and also substituted xx.xx.xx.xx for the public ip address.
> Also, my firewall is configured to NOT answer ICMP echo-requests (ping's) on
> the external interface, so the request timeouts shown are normal but name
> resolution is working. 
> 
> ----------------------
> The following ping is after establishing a dialup connection to my ISP from
> my Win98Me laptop. I have not yet established my VPN. Name resolution is now
> pointing to my ISP's name servers.
> 
> C:\WINDOWS>ping www.mydomain.com
> 
> Pinging www.mydomain.com [xx.xx.xx.xx] with 32 bytes of data:
> Request timed out.
> Request timed out.
> Request timed out.
> Request timed out.
> 
> Ping statistics for xx.xx.xx.xx:
>     Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
> Approximate round trip times in milli-seconds:
>     Minimum = 0ms, Maximum =  0ms, Average =  0ms
> 
> C:\WINDOWS>
> 
> Now I have established a VPN into my local network which is running PopTop.
> Please note: At this time, when I run "winipcfg", I now have 4 DNS servers
> listed. My ISP's are still listed first, then my internal ones. Again, based
> on my results, I think Microsoft is changing the search order internally.
> The internal IP address is now properly returned for the same FQDN.
> 
> C:\WINDOWS>ping www.mydomain.com
> 
> Pinging www.mydomain.com [192.168.9.3] with 32 bytes of data:
> 
> Reply from 192.168.9.3: bytes=32 time=234ms TTL=255
> Reply from 192.168.9.3: bytes=32 time=206ms TTL=255
> Reply from 192.168.9.3: bytes=32 time=206ms TTL=255
> Reply from 192.168.9.3: bytes=32 time=219ms TTL=255
> 
> Ping statistics for 192.168.9.3:
>     Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
> Approximate round trip times in milli-seconds:
>     Minimum = 206ms, Maximum =  234ms, Average =  216ms
> 
> C:\WINDOWS>
> 
> I just checked my configuration on my Win98Me client. In both the dialup
> profile and the pptp profile, I am specifying absolutley nothing. i.e. DNS
> servers entries are blank. They are being assigned by either my ISP's DHCP
> servers or through /etc/ppp/options after the VPN is extablished.
> 
> Good luck
> Steve Cowles
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!


__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail. 
http://personal.mail.yahoo.com/



More information about the pptp-server mailing list