WIN 2000 VPN help 1

[hinesjrh]

I have been asked to fix an issue related to our existing VPN solution, but I have limited experience. Bear with me as I attempt to explain. Our VPN solution seems uncomplicated and serves most of our remote users well. The users that have an issue are those that need to get to webs that are located in our DMZ. While connected to our VPN we can not display URLs that reside on servers that are in our DMZ. If we disconnect from our VPN (yet stay connected to the Internet from any remote location) we can access these sites. How can I determine what in my VPN or other LAN/WAN setting would be causing this issue?

My internal network is at 10.1.x.x - 10.3.x.x, while my DMZ is at 10.253.x.x.

Maybe I need to build something into my VPN config to allow for the 10.253.x.x ???

 

[ReddLefty]

I'm guessing that your using the same domain name for both your internal network and your internet domain name. If so, you must add your external web pages in your DNS to point to the external IP's.

If your company domain name is company.com and you also use company.com in your internal network, when you connect to the VPN and ask to go to

http://www.company.com

(let's say it's hosted outside), your system will try to resolve it with your internal DNS and since your internal DNS thinks it's company.com, it will search it's database and see it doesn't exist it will simply return a "host not found" without forwarding it to an outside DNS for resolution.

By adding the extenal IP for "www" in your internal DNS, it will fix it. This is why it's not always a good idea to use the same domain name for external and internal use, but this all depends on your site configuration.

In space, nobody can hear you click