I've been having a chronic issue ever since upgrading the SSLVPN client from v1.2 (which worked great) to the newer 1.3 that is included with 7.1xx. The issue is that the VPN connects perfectly fine, and I can ping all internal hosts just fine, but *DNS* is broken. The client shows that it got the internal DNS server (which pings just fine), but DNS names are *not* being sent to this internal DNS server provided to the SSL adapter. Instead, the DNS the machine is already using (in this case, an ISP DNS) is used instead... thus I can't resolve any internal names, even though I can connect to anything across the VPN by IP address!
Here are some facts:
- ipconfig /all shows that the SSLVPN adapter gets the correct internal DNS server delivered to it.
- pinging the internal DNS works, and all hosts across the VPN can be contacted by IP address.
- while connected to VPN, the client does NOT use the internal DNS like it used to.
- This ONLY started happening with the 1.3 SSLVPN client.
- About one out of every four attempts the client *will* use the internal DNS like it should, but it seems random.
- Sometimes doing ipconfig /renew *while* connected to VPN will instantly fix the problem and the client starts using the internal DNS.
- Packet filter log does not show any DNS packets being generated by the VPN client being blocked. (I thought perhaps there was a problem with the auto-packet-filter feature of the SSLVPN, but this doesn't seem to be the case)
- This is happening on Windows XP SP2 + latest patches. Haven't tested on any other OS.
I am at a loss as to what is wrong, other than guess that the newer 1.3 client is simply broken in some way regarding DNS.
Any suggestions?
This thread was automatically locked due to age.
