-3

I have two Windows PCs (XP and 7) in my company. Both are connected to headquarters via OpenVPN. On one of them I can access to the internal HQ website. On the second it is not possible. I did tracert from both and I see that:

  1. for the XP the first point it connects is the VNC server in HQ and it reaches website in 3 hops.
  2. for the 7 the first point it connects is our local router and it reaches only main router in HQ going first through many cities (10 hops). In the end it can't load that website.

I suppose the reason is how DNS are used on both computers. But I can't find how to modify it. Could you help, please?

Win7:
ipconfig: http://pastebin.com/VmaQHrh9
netstat: http://pastebin.com/nc7Styu5
tracert: http://pastebin.com/HMSJtrtV

WinXP:
ipconfig: http://pastebin.com/Ee9qcXtg
netstat: http://pastebin.com/QdzKmJCs
tracert: http://pastebin.com/BbyUg6SP

bLAZ
  • 105
  • 1
  • 6
  • 2
    Our crystal balls are experience a critical error. Please add to the question (not the comments) the IP and routing configuration of the clients. You said you did a tracert, where is that information? – Daniel Dec 12 '16 at 10:46
  • @Daniel I've just added missing informations. Still don't understand this issue. – bLAZ Dec 14 '16 at 07:50
  • 2
    Your tracerts are to different addresses. `caniballes.cbk.waw.pl [192.168.252.179]` and `telemann.cbk.waw.pl [148.81.24.15]` Obviously differrent routes will be used for different destainations. Can you explain your problem again? What's the internal website address? – BlueCompute Dec 14 '16 at 10:43
  • @BlueCompute yes, I see. The problem is that when both users are connected with OpenVPN to other network only one of them (WinXP) has access to panteon.cbk.waw.pl website. Looks like different DNS (WinXP - DNS provided with VPN; Win7 - local DNS from router) are used in these systems. – bLAZ Dec 14 '16 at 10:53
  • Can you provide the relevant information, ie. tracert from both computers to panteon.cbk.waw.pl? – BlueCompute Dec 14 '16 at 11:57
  • @BlueCompute this is exactly what is provided above by pastebin. Both tracert are to panteon.cbk.waw.pl – bLAZ Dec 14 '16 at 12:20

1 Answers1

1

The windows 7 box is using 192.168.0.1 for DNS (presumably a home router that uses the ISP's DNS servers). This resolves your website panteon.cbk.waw.pl to 148.81.24.15.

The XP box correctly uses the internal DNS server 192.168.252.200 and resolves panteon.cbk.waw.pl to the internal IP 192.168.252.179.

Couple of ways round this:

  1. Use a unique URL for your internal website, eg. internalweb.cbk.waw.pl
  2. On the Win 7 box add a HOSTS file entry for panteon.cbk.waw.pl using the internal IP 192.168.252.179
  3. Set the Win 7 box to use the DNS at 192.168.252.200 as primary DNS

Main issue is that your target website resolves both internally and externally depending which DNS you use.

BlueCompute
  • 2,924
  • 2
  • 18
  • 28
  • I'm curious why `192.168.0.1` is used once and `192.168.252.200` other time... I started investigating on different PCs, mainly with Win7, and the situation is that some of them behaves like above Win7 and others like above WinXP. On one MacOS that I have available connection to panteon.cbk.waw.pl was available only after checking `Set nameserver` checkbox. I don't know how to force Windows (and OpenVPN software) to use remote DNS instead of `192.168.0.1` – bLAZ Dec 14 '16 at 12:52
  • 1
    As discussed here the order the DNS servers are used in is dictated by the NIC binding order: http://serverfault.com/questions/84291/how-does-windows-decides-which-dns-server-to-use-when-resolving-names – BlueCompute Dec 14 '16 at 13:27