http://www.ISAserver.org ------------------------------------------------------- Ok, did some more testing and here is what I found. Jim you are correct, my first statement was wrong "ping 192.168.1.2 should return packets from 192.168.1.2 not an IP addr that belongs to TuCows domain" When I ping 192.168.1.2 I *DO* get packets returned from 192.168.1.2 When I ping *ANY* host_name on my internal LAN while VPN'd in, I get this... FROM HOME NETWORK (VERIZON FiOS) PING NT1 Pinging NT1.COMPANYNAME.NET [64.99.80.30] with 32 bytes of data: Reply from 64.99.80.30: bytes=32 time=77ms TTL=117 Reply from 64.99.80.30: bytes=32 time=75ms TTL=117 Reply from 64.99.80.30: bytes=32 time=75ms TTL=117 Reply from 64.99.80.30: bytes=32 time=75ms TTL=117 Ping statistics for 64.99.80.30: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 75ms, Maximum = 77ms, Average = 75ms [Should return packets from 192.168.1.2] PING EXCHANGE Pinging exchange.COMPANYNAME.NET [64.99.80.30] with 32 bytes of data: Reply from 64.99.80.30: bytes=32 time=76ms TTL=117 Reply from 64.99.80.30: bytes=32 time=76ms TTL=117 Reply from 64.99.80.30: bytes=32 time=77ms TTL=117 Reply from 64.99.80.30: bytes=32 time=76ms TTL=117 Ping statistics for 64.99.80.30: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 76ms, Maximum = 77ms, Average = 76ms [Should return packets from 192.168.1.5] I have captured a ping with Network Monitor 3.3, what should I look for, I do not see the 64.99.80.30 IP addr any where in the capture. Prolly not safe to post the capture on this list, should I email it to you privately Jim? Again, this only happens on a laptop that is part of my domain. Any computer that is not part of my domain does not have this issue. I have not tested my laptop in another location yet, only from my home FiOS config. -Tom Rogers > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] > On Behalf Of Jim Harrison > Sent: Tuesday, May 04, 2010 5:33 PM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: Strange Issue while using VPN > > http://www.ISAserver.org > ------------------------------------------------------- > > If Tom agrees, I plan all manner of testing; all to be done under the > watchful eye of Network Monitor. > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] > On > Behalf Of Steven Comeau > Sent: Tuesday, May 04, 2010 13:32 > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: Strange Issue while using VPN > > http://www.ISAserver.org > ------------------------------------------------------- > > Have you tried a tracert to the IP address? > > Steve Comeau > Associate Director of IT Rutgers Athletics > 83 Rockafeller Road > Piscataway, NJ 08854 > 732-445-7802 > 732-445-4623 (fax) > www.scarletknights.com > > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] > On > Behalf Of Jim Harrison > Sent: Tuesday, May 04, 2010 3:56 PM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: Strange Issue while using VPN > > http://www.ISAserver.org > ------------------------------------------------------- > > The first statement makes no sense at all..? > "ping 192.168.1.2 " should return packets from 192.168.1.2; not " an IP > addr > that belongs to TuCows domain ". > > This happens no matter where the VPN client is located? > Wanna do some deeper testing offline and report back with our findings? > > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] > On > Behalf Of Tom Rogers > Sent: Tuesday, May 04, 2010 07:58 > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: Strange Issue while using VPN > > http://www.ISAserver.org > ------------------------------------------------------- > > When I do a "ping 192.168.1.2" for my primary DC/DNS server I see returned > not 192.168.1.2 but an IP addr that belongs to TuCows domain. > > When I do a "ping NT1" (server name - which should be 192.168.1.2) for my > primary DC/DNS server I see returned not 192.168.1.2 but an IP addr that > belongs to TuCows domain. > > Here is the IPCONFIG/ALL from the affected laptop when connected to VPN... > > Windows IP Configuration > Host Name . . . . . . . . . . . . : SPWS119 > Primary Dns Suffix . . . . . . . : COMPANYNAME.NET > Node Type . . . . . . . . . . . . : Hybrid > IP Routing Enabled. . . . . . . . : No > WINS Proxy Enabled. . . . . . . . : No > DNS Suffix Search List. . . . . . : COMPANYNAME.NET > home Ethernet adapter LAN: > Media State . . . . . . . . . . . : Media disconnected > Description . . . . . . . . . . . : Broadcom NetXtreme 57xx > Gigabit > Controller > Physical Address. . . . . . . . . : 00-1D-09-AF-XX-XX > > Ethernet adapter WLAN: > Connection-specific DNS Suffix . : home > Description . . . . . . . . . . . : Dell Wireless 1390 WLAN > Mini-Card > Physical Address. . . . . . . . . : 00-1B-FC-D1-XX-XX > Dhcp Enabled. . . . . . . . . . . : Yes > Autoconfiguration Enabled . . . . : Yes > IP Address. . . . . . . . . . . . : 192.168.7.102 > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > Default Gateway . . . . . . . . . : 192.168.7.1 > DHCP Server . . . . . . . . . . . : 192.168.7.1 > DNS Servers . . . . . . . . . . . : 192.168.7.1 > [Verizon FiOS]---> 68.237.161.12 > Lease Obtained. . . . . . . . . . : Tuesday, April 27, 2010 > 7:40:06 PM > Lease Expires . . . . . . . . . . : Wednesday, April 28, 2010 > 7:40:06 PM > > Ethernet adapter VirtualBox Host-Only Network: > Connection-specific DNS Suffix . : > Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet > Adapter > Physical Address. . . . . . . . . : 08-00-27-00-XX-XX > Dhcp Enabled. . . . . . . . . . . : No > IP Address. . . . . . . . . . . . : 192.168.56.1 > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > Default Gateway . . . . . . . . . : > > PPP adapter COMPANYNAME LAN (BROADBAND): > Connection-specific DNS Suffix . : > Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface > Physical Address. . . . . . . . . : 00-53-45-00-00-00 > Dhcp Enabled. . . . . . . . . . . : No > IP Address. . . . . . . . . . . . : 192.168.1.42 > Subnet Mask . . . . . . . . . . . : 255.255.255.255 > Default Gateway . . . . . . . . . : 192.168.1.42 > DNS Servers . . . . . . . . . . . : 192.168.1.2 > 192.168.1.7 > Primary WINS Server . . . . . . . : 192.168.1.7 > Secondary WINS Server . . . . . . : 192.168.1.2 > > Notice DHCP Enabled is NO for the PPP adapter - this is because I manually > set the DNS IP addr to my internal LAN DNS Servers. > > -Tom Rogers > > > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx > [mailto:isalist-bounce@xxxxxxxxxxxxx] > > On Behalf Of Jim Harrison > > Sent: Monday, May 03, 2010 3:36 PM > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Re: Strange Issue while using VPN > > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > Tom, > > > > One statement you made is a bit confusing; " ping my server by netbios > > name or the correct IP address ". If you ping by IP address, your > host > > uses an IP address apparently owned by TuCows? > > I don't think you meant to say "by IP address" there...? > > > > Resolution for unqualified names is wholly dependent on the: > > 1. domain suffixes used by the host > > 2. name resolution servers available to the host By default, a Windows > > host will use the nearest name services > available to > > it; as defined by subnet masking. > > If those servers are located within the local physical subnet, it > won't > > use the DNS servers available across the VPN tunnel. > > > > When you're in this state, the ipconfig/all output from the affected > > laptop would be useful. > > > > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx > [mailto:isalist-bounce@xxxxxxxxxxxxx] > > On Behalf Of Tom Rogers > > Sent: Monday, May 03, 2010 12:13 PM > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Strange Issue while using VPN > > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > I use a company laptop when on the road to VPN in via ISA 2006. I can > make > > the VPN connection fine, but when I try to RDP to my servers, I have > to > > use IP address. I cannot use the NetBIOS names. Now from my home PC, I > can > > with no problems. > > > > During testing as to why, when I try to ping my server by netbios name > or > > the correct IP address, I always get a result of an IP address that > > belongs to Tucows.com showing for every single host I try to ping on > my > > internal network. > > > > Then I MANUALLY put the internal LAN DNS server IP addresses on the > TCP/IP > > settings of my Wireless NIC and try it again, and everything is fine! > > > > When I had the Wireless NIC TCP/IP DNS settings set to DHCP, I get the > > problem. The IP Addr for my laptop is set to DHCP on the Wireless NIC > and > > never needs to change. > > > > When I do IPCONFIG /ALL while IP and DNS settings on the Wireless NIC > are > > set to DHCP, show my DNS server IPs are correctly set to my internal > LAN > > DNS Server IPs, and I have a proper internal LAN IP address for my > laptop. > > But I continually get the error issue unless I manually change my > Wireless > > NIC DNS IP settings to the internal LAN DNS Server IPs. > > > > Anyone know why this is happening? It is a consistent behaviour for > all > > our laptops that are joined to our domain, but not an issue for > computers > > NOT joined to the domain. > > > > TIA, > > > > -Tom Rogers > > > > > > > > > > ------------------------------------------------------ > > List Archives: //www.freelists.org/archives/isalist/ > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server Articles and Tutorials: > > http://www.isaserver.org/articles_tutorials/ > > ISA Server Blogs: http://blogs.isaserver.org/ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > ------------------------------------------------------ > > List Archives: //www.freelists.org/archives/isalist/ > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server Articles and Tutorials: > > http://www.isaserver.org/articles_tutorials/ > > ISA Server Blogs: http://blogs.isaserver.org/ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > *** This message contains confidential information and is intended only > for > the individual named. If you are not the named addressee, you should not > disseminate, distribute or copy this e-mail. Please notify the sender > immediately by e-mail if you have received this e-mail by mistake and > delete > this e-mail from your system. E-mail transmission cannot be guaranteed to > be > secure or error-free as information could be intercepted, corrupted, lost, > destroyed, arrive late or incomplete, or contain viruses. The sender > therefore does not accept liability for any errors or omissions in the > contents of this message, which arise as a result of e-mail transmission. > If verification is required please request a hard-copy version. > Rutgers University - DIA > 83 Rockafeller Road > Piscataway, NJ 08854 > www.scarletknights.com *** > > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx