IPSec VPN using DNS?

[analogia22]

I have users using the 3Com VPN IPSec client to connect to our 3Com SS3 Firewall. When they connect from home or hotel they have trouble access network resources unless I manually edit their hosts file and/or add our internal WINS server into their TCP/IP stack. The DNS doesn't pass through. Am I doing something wrong?

 

[Castor66]

A kludge is to get them to use the IPSec client to get the tunnel up. Then use windows Remote Access to do all the domain stuff. It's a two step approach and you will need to have some server configured using RRAS for it to work but it definitely works.

 

[analogia22]

Thanks Castor66 for the reply.
I'm not sure that I'm following you.

Are you saying to:
1) establish an IPSec tunnel
2) establish a PPTP connection over the IPSec tunnel to a RRAS server in the domain.

Thanks again.

 

[Castor66]

Yup. That's exactly what I do. Saves messing with hosts files.

 

[analogia22]

Interesting idea.
This unfortunately would have the end user do 2 steps instead of one (probably will be frowned upon by many).
Is there a way to batch the two into one task?

 

[Castor66]

If you can get the IPSec tunnel raised by commandline you could play about with the 'rasdial' command-line and batch it up. The only problem I see with using the rasdial commandline is the entering of the username and password but I'm sure there should be a way of scripting that up.

I haven't looked at fixing this as I don't have that many users who use the VPN - most use our Extranet instead.