1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

VPN clients can't access remote LAN devices by name

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by tadwoods, Nov 4, 2006.

  1. tadwoods

    tadwoods Network Guru Member

    I have an RV082 (firmware v.1.3.5) and the QuickVPN client (v.1.0.0.39). The QuickVPN connects fine, but adds the RV082's LAN address as a DNS server to the client (as seen when running IPCONFIG /all on the client). I would prefer the QuickVPN client add our office Windows server as the DNS server. Is it possible to configure QuickVPN to do that? If not what is the best way to get the Windows server included as a DNS for VPN clients?
     
  2. Toxic

    Toxic Administrator Staff Member

    have you tried adding DNS IP entries onto the QuickVPN clients' network TCP/IP settings?
     
  3. tadwoods

    tadwoods Network Guru Member

    The client's TCP/IP setting (General tab) is set to obtain DNS servers automatically. I really don't want to start configuring DNS servers on the client manually because when the client's enivronment changes I'll be having to support those users. Furthermore the DNS server should apply only when the VPN is active to avoid carelessly slowing down DNS searches when the VPN isn't active. Nonetheless is it possible to have both automatic and manual DNS entries in the client's configuration? Looks to me like it's one or the other.

    The bottom line is that the QuickVPN client should allow you to specify the DNS server instead of assuming it will be the VPN router itself. Or even better the VPN router should let me specify what DNS server to hand out to VPN clients. The network admins I've spoken with on this issue (who are not familar with QuickVPN) are surprised that it doesn't.
     
  4. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    To be honest..that's quite standard. Similar to setups I've done with Cisco PIXs, Sonicwalls, Checkpoints, VPN bandwidth is precious. You don't want netbios, you even want to minimize traffic by cutting DNS requests.

    Common reasons for mobile VPN connections are
    *email...hard coded into the client, or OWA based (IP)
    *Remote Desktop Connection...usually done via IP or RemoteWebWorkplace
    *Database synching of LOB apps...entry in the host file
     
  5. tadwoods

    tadwoods Network Guru Member

    I am not talking about wanting NetBios; you're right that I don't want NetBios. Only TCP/IP DNS.

    QuickVPN is already automatically entering the VPN router as a DNS server, so we're not talking about adding any WAN overhead by somehow using a different DNS server also on the remote network.
     
  6. Toxic

    Toxic Administrator Staff Member

    QuickVPN is just that, Quick. it has its limitations. you also said:

    If not what is the best way to get the Windows server included as a DNS for VPN clients?

    I am not too sure on DNS entry settings, however you add your main DNS entries first of all (in Advanced section) then add the remote DNS last on the list. this way any DNS requests will go externally first and NOT slow down you normal day-to-day usage. its a workaround but not exactly what you want. QuickVPN will not in this present form, do DNS.

    whcih we have given you asnwers but sinc eyou do not want them, then you have no option but to use IP addressing only.
     
  7. tadwoods

    tadwoods Network Guru Member

    I may be frustrated that the "best" answers are not the answers that I want or what I expected out of the RV082, but I never said that I didn't want answers. I appreciate the dialog as it helps me (and hopefully others) determine what can and can't be done with this router and the QuickVPN client, both which are new to me.

    If you add the main DNS entries first (in the advanced section) then devices that are on the remote VPN are slow to resolve. Likewise, if you add the VPN's DNS first then DNS queries will be slow when the VPN isn't connected. So QuickVPN adds the VPN router as the first DNS only while it is connected, which takes care of that problem. My request is that either the RV082 should be able to hand QuickVPN an alternate or additional DNS or the DNS should be configurable in QuickVPN client, and I had hoped someone would be able to answer how to do that. If that isn't possible and the "best" answer is something more manual then I will have to live with that and encourage LinkSys to consider the enhancement request.
     
  8. pablito

    pablito Network Guru Member

    I'm not a QVPN user and I don't much like the RV's DHCP server or DNS caching but what I do is to add my internal DNS server as the first one listed in the RV's DHCP config. My users get the internal DNS which is what I want. A QVPN user would do the same without any manual work. When not on the VPN that user will get whatever they normally would.

    I don't see a problem.
     
  9. tadwoods

    tadwoods Network Guru Member

    pablito, I do exactly what you describe--to include my internal DNS as the first DNS in the RV082's DHCP config. However that DHCP config. only applies to clients on the LAN, and does not apply to the VPN Clients (or PPTP clients); I wish it did. However I noticed you said you're not using the QuickVPN client, so maybe the DHCP config does somehow apply for a different client? Which client are you using?
     
  10. pablito

    pablito Network Guru Member

    I mainly do net-net IPSEC tunnels and sometimes a client-net IPSEC tunnel. These are more flexible but aren't "quick and easy", just secure and fast... They appear as unique devices at the client so you can do manual settings if needed without affecting non VPN work. Even a PPTP tunnel might be more flexible (I don't use them however).

    If you have a static IP or cable modem WAN you can set DNS servers for the WAN and if so I'd suggest pointing at your internal DNS. This way any clients that get the RV as DNS will actually be using the internal DNS by proxy. PPPoE doesn't have a manual DNS setting (it should).
     
  11. andrew078

    andrew078 LI Guru Member

    From a customer perspective, this is quite irritating. I recently purchased an RV016, and have run up against the identical problem with it in combination with the QuickVPN client. In my case, and other people are having the identical problem, I don't run DHCP on the RV016. I have an internal Microsoft Small Business Server that is serving up DHCP addresses to internal clients, but more important, it's also the primary internal DNS because it's my Active Directory domain controller. In order to locate resources within AD, clients need to query the DNS on the DC. It would be really great if there was a configuration setting on the RV016 that allows me to specify the IP address of the DNS server handed out to VPN clients, but this doesn't seem to exist. I want the RV016 to hand out the IP address of the DC, not the RV016's address, and not the addresses of the DNS from the ISP. I totally agree with Tadwoods - I don't want to manage this problem by playing with the DNS settings on the client PCs, I just want the RV016 to hand out an address that I specify.
     

Share This Page