[isalist] Re: Strange Issue while using VPN
- From: "Tom Rogers" <trogers@xxxxxxxxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Wed, 5 May 2010 09:22:53 -0400
http://www.ISAserver.org
-------------------------------------------------------
Ok, did some more testing and here is what I found. Jim you are correct,
my first statement was wrong "ping 192.168.1.2 should return packets
from 192.168.1.2 not an IP addr that belongs to TuCows domain"
When I ping 192.168.1.2 I *DO* get packets returned from 192.168.1.2
When I ping *ANY* host_name on my internal LAN while VPN'd in, I get
this...
FROM HOME NETWORK (VERIZON FiOS)
PING NT1
Pinging NT1.COMPANYNAME.NET [64.99.80.30] with 32 bytes of data:
Reply from 64.99.80.30: bytes=32 time=77ms TTL=117
Reply from 64.99.80.30: bytes=32 time=75ms TTL=117
Reply from 64.99.80.30: bytes=32 time=75ms TTL=117
Reply from 64.99.80.30: bytes=32 time=75ms TTL=117
Ping statistics for 64.99.80.30:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 75ms, Maximum = 77ms, Average = 75ms
[Should return packets from 192.168.1.2]
PING EXCHANGE
Pinging exchange.COMPANYNAME.NET [64.99.80.30] with 32 bytes of data:
Reply from 64.99.80.30: bytes=32 time=76ms TTL=117
Reply from 64.99.80.30: bytes=32 time=76ms TTL=117
Reply from 64.99.80.30: bytes=32 time=77ms TTL=117
Reply from 64.99.80.30: bytes=32 time=76ms TTL=117
Ping statistics for 64.99.80.30:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 76ms, Maximum = 77ms, Average = 76ms
[Should return packets from 192.168.1.5]
I have captured a ping with Network Monitor 3.3, what should I look for,
I do not see the 64.99.80.30 IP addr any where in the capture. Prolly
not safe to post the capture on this list, should I email it to you
privately Jim?
Again, this only happens on a laptop that is part of my domain. Any
computer that is not part of my domain does not have this issue.
I have not tested my laptop in another location yet, only from my home
FiOS config.
-Tom Rogers
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Jim Harrison
> Sent: Tuesday, May 04, 2010 5:33 PM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: Strange Issue while using VPN
>
> http://www.ISAserver.org
> -------------------------------------------------------
>
> If Tom agrees, I plan all manner of testing; all to be done under the
> watchful eye of Network Monitor.
>
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx]
> On
> Behalf Of Steven Comeau
> Sent: Tuesday, May 04, 2010 13:32
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: Strange Issue while using VPN
>
> http://www.ISAserver.org
> -------------------------------------------------------
>
> Have you tried a tracert to the IP address?
>
> Steve Comeau
> Associate Director of IT Rutgers Athletics
> 83 Rockafeller Road
> Piscataway, NJ 08854
> 732-445-7802
> 732-445-4623 (fax)
> www.scarletknights.com
>
>
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx]
> On
> Behalf Of Jim Harrison
> Sent: Tuesday, May 04, 2010 3:56 PM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: Strange Issue while using VPN
>
> http://www.ISAserver.org
> -------------------------------------------------------
>
> The first statement makes no sense at all..?
> "ping 192.168.1.2 " should return packets from 192.168.1.2; not " an
IP
> addr
> that belongs to TuCows domain ".
>
> This happens no matter where the VPN client is located?
> Wanna do some deeper testing offline and report back with our
findings?
>
>
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx]
> On
> Behalf Of Tom Rogers
> Sent: Tuesday, May 04, 2010 07:58
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: Strange Issue while using VPN
>
> http://www.ISAserver.org
> -------------------------------------------------------
>
> When I do a "ping 192.168.1.2" for my primary DC/DNS server I see
returned
> not 192.168.1.2 but an IP addr that belongs to TuCows domain.
>
> When I do a "ping NT1" (server name - which should be 192.168.1.2) for
my
> primary DC/DNS server I see returned not 192.168.1.2 but an IP addr
that
> belongs to TuCows domain.
>
> Here is the IPCONFIG/ALL from the affected laptop when connected to
VPN...
>
> Windows IP Configuration
> Host Name . . . . . . . . . . . . : SPWS119
> Primary Dns Suffix . . . . . . . : COMPANYNAME.NET
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : No
> WINS Proxy Enabled. . . . . . . . : No
> DNS Suffix Search List. . . . . . : COMPANYNAME.NET
> home Ethernet adapter LAN:
> Media State . . . . . . . . . . . : Media disconnected
> Description . . . . . . . . . . . : Broadcom NetXtreme 57xx
> Gigabit
> Controller
> Physical Address. . . . . . . . . : 00-1D-09-AF-XX-XX
>
> Ethernet adapter WLAN:
> Connection-specific DNS Suffix . : home
> Description . . . . . . . . . . . : Dell Wireless 1390 WLAN
> Mini-Card
> Physical Address. . . . . . . . . : 00-1B-FC-D1-XX-XX
> Dhcp Enabled. . . . . . . . . . . : Yes
> Autoconfiguration Enabled . . . . : Yes
> IP Address. . . . . . . . . . . . : 192.168.7.102
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.7.1
> DHCP Server . . . . . . . . . . . : 192.168.7.1
> DNS Servers . . . . . . . . . . . : 192.168.7.1
> [Verizon FiOS]---> 68.237.161.12
> Lease Obtained. . . . . . . . . . : Tuesday, April 27, 2010
> 7:40:06 PM
> Lease Expires . . . . . . . . . . : Wednesday, April 28, 2010
> 7:40:06 PM
>
> Ethernet adapter VirtualBox Host-Only Network:
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : VirtualBox Host-Only
Ethernet
> Adapter
> Physical Address. . . . . . . . . : 08-00-27-00-XX-XX
> Dhcp Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.56.1
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . :
>
> PPP adapter COMPANYNAME LAN (BROADBAND):
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
> Physical Address. . . . . . . . . : 00-53-45-00-00-00
> Dhcp Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.1.42
> Subnet Mask . . . . . . . . . . . : 255.255.255.255
> Default Gateway . . . . . . . . . : 192.168.1.42
> DNS Servers . . . . . . . . . . . : 192.168.1.2
> 192.168.1.7
> Primary WINS Server . . . . . . . : 192.168.1.7
> Secondary WINS Server . . . . . . : 192.168.1.2
>
> Notice DHCP Enabled is NO for the PPP adapter - this is because I
manually
> set the DNS IP addr to my internal LAN DNS Servers.
>
> -Tom Rogers
>
>
>
> > -----Original Message-----
> > From: isalist-bounce@xxxxxxxxxxxxx
> [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > On Behalf Of Jim Harrison
> > Sent: Monday, May 03, 2010 3:36 PM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] Re: Strange Issue while using VPN
> >
> > http://www.ISAserver.org
> > -------------------------------------------------------
> >
> > Tom,
> >
> > One statement you made is a bit confusing; " ping my server by
netbios
> > name or the correct IP address ". If you ping by IP address, your
> host
> > uses an IP address apparently owned by TuCows?
> > I don't think you meant to say "by IP address" there...?
> >
> > Resolution for unqualified names is wholly dependent on the:
> > 1. domain suffixes used by the host
> > 2. name resolution servers available to the host By default, a
Windows
> > host will use the nearest name services
> available to
> > it; as defined by subnet masking.
> > If those servers are located within the local physical subnet, it
> won't
> > use the DNS servers available across the VPN tunnel.
> >
> > When you're in this state, the ipconfig/all output from the affected
> > laptop would be useful.
> >
> >
> > -----Original Message-----
> > From: isalist-bounce@xxxxxxxxxxxxx
> [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > On Behalf Of Tom Rogers
> > Sent: Monday, May 03, 2010 12:13 PM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] Strange Issue while using VPN
> >
> > http://www.ISAserver.org
> > -------------------------------------------------------
> >
> > I use a company laptop when on the road to VPN in via ISA 2006. I
can
> make
> > the VPN connection fine, but when I try to RDP to my servers, I have
> to
> > use IP address. I cannot use the NetBIOS names. Now from my home PC,
I
> can
> > with no problems.
> >
> > During testing as to why, when I try to ping my server by netbios
name
> or
> > the correct IP address, I always get a result of an IP address that
> > belongs to Tucows.com showing for every single host I try to ping on
> my
> > internal network.
> >
> > Then I MANUALLY put the internal LAN DNS server IP addresses on the
> TCP/IP
> > settings of my Wireless NIC and try it again, and everything is
fine!
> >
> > When I had the Wireless NIC TCP/IP DNS settings set to DHCP, I get
the
> > problem. The IP Addr for my laptop is set to DHCP on the Wireless
NIC
> and
> > never needs to change.
> >
> > When I do IPCONFIG /ALL while IP and DNS settings on the Wireless
NIC
> are
> > set to DHCP, show my DNS server IPs are correctly set to my internal
> LAN
> > DNS Server IPs, and I have a proper internal LAN IP address for my
> laptop.
> > But I continually get the error issue unless I manually change my
> Wireless
> > NIC DNS IP settings to the internal LAN DNS Server IPs.
> >
> > Anyone know why this is happening? It is a consistent behaviour for
> all
> > our laptops that are joined to our domain, but not an issue for
> computers
> > NOT joined to the domain.
> >
> > TIA,
> >
> > -Tom Rogers
> >
> >
> >
> >
> > ------------------------------------------------------
> > List Archives: //www.freelists.org/archives/isalist/
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server Articles and Tutorials:
> > http://www.isaserver.org/articles_tutorials/
> > ISA Server Blogs: http://blogs.isaserver.org/
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> > ------------------------------------------------------
> > List Archives: //www.freelists.org/archives/isalist/
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server Articles and Tutorials:
> > http://www.isaserver.org/articles_tutorials/
> > ISA Server Blogs: http://blogs.isaserver.org/
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
>
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> *** This message contains confidential information and is intended
only
> for
> the individual named. If you are not the named addressee, you should
not
> disseminate, distribute or copy this e-mail. Please notify the sender
> immediately by e-mail if you have received this e-mail by mistake and
> delete
> this e-mail from your system. E-mail transmission cannot be guaranteed
to
> be
> secure or error-free as information could be intercepted, corrupted,
lost,
> destroyed, arrive late or incomplete, or contain viruses. The sender
> therefore does not accept liability for any errors or omissions in the
> contents of this message, which arise as a result of e-mail
transmission.
> If verification is required please request a hard-copy version.
> Rutgers University - DIA
> 83 Rockafeller Road
> Piscataway, NJ 08854
> www.scarletknights.com ***
>
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
