RE: [ActiveDir] DNS settings

[Carlos Magalhaes]

Title: Message

The kind of havoc , is that on the ISP dial up they can not resolve any DNS quieries as all DNS queries are pointing to our internal DNS servers, I confirm this with a ipconfig /all and nslookup   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, May 10, 2004 10:01 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] DNS settings   What kind of Havoc is is causing? How are the users connecting to your network over their ISP's? Is there a like a VPN client of some sort by chance?    I have seen similar behaviour where VPN clients take all the IP settings except DNS from the ISP and default to the corporate DNS for address resolution.  The theory being is that since you are using the vpn, you are interested in accessing private resources that may (should) not be resolved by your external DNS, so you are directed to your corporate DNS on the internal network.  It would likely be a configuration on the RAS of some sort.   Normally this is not an issue, since the internal DNS, would resolve the external query and pass it back to laptop at the other end of the tunnel.  Depending on the Tunnel configuration, it can cause problems for ISP access if either split tunnelling is disabled forcing you users to send all internet traffic to your site inside the tunnel and out through your firewall.  If you block POP and SMTP access externally for instance, users will not be able to access their ISP mail.  The other gotcha is similar if your network uses proxy servers assigned by GPO .  If the user is not aware your network has set proxies and reset them to the proper configuration for their ISP (likely non) that that will display havoc DNS errors as well.   From: Mulnick, Al [mailto:[EMAIL PROTECTED] Sent: Monday, May 10, 2004 2:54 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] DNS settings Logging?  Network Trace?  Any of those options available?   From: Carlos Magalhaes [mailto:[EMAIL PROTECTED] Sent: Monday, May 10, 2004 2:38 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] DNS settings Nope that's what gets me, and its happening to ALL the laptops, (they are the only machines using third party dialers)   AGRRR - there must be an answer :P   CM   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charlie Kaiser Sent: Monday, May 10, 2004 8:30 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] DNS settings   Is there any hard coding of DNS settings on the laptop's network connection properties? This will override any server-assigned DNS settings...     ********************** Charlie Kaiser MCSE, CCNA Systems Engineer Essex Credit / Brickwalk 510 595 5083 ********************** -----Original Message----- From: Carlos Magalhaes [mailto:[EMAIL PROTECTED] Sent: Monday, May 10, 2004 11:15 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] DNS settings Hey Al,   Yeah all the settings are suppose to be set via the ISP , most ISP's run DHCP so yes the settings should be set. The weird thing is that only the DNS settings are being forced to our network, the user gets a valid third party IP address and default gateway, just not a DNS setting, that's what made me think it might be something on our network.   We done run WINS just DNS.   Thank you and Keep well!   CM   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Monday, May 10, 2004 4:31 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] DNS settings   Trying to remember exactly, but wouldn't they get their DNS settings from the ISP upon connection either through their software locally or from their RRAS server?   Al   From: Carlos Magalhaes [mailto:[EMAIL PROTECTED] Sent: Monday, May 10, 2004 9:41 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] DNS settings Hey all,   I have a weird issue; all our laptop users have their own third part dial up's (RRAS and RAS) for their convenience. When the users dial up to their third party ISP's (all users) they obtain an IP address from the ISP but their DNS settings are being forced to the networks internal DNS servers, remembering that this is a PPP connection.  This causes havoc on their dial ups. I have had a look at the DNS settings the GPO and even the DHCP server. I don't see anything that would force a PPP connection to use the internal DNS servers. The settings are not hard coded into the PPP connections IP settings.   Anyone have an idea of what this is or maybe I over looked something. Thanks!   Carlos