Connected to VPN, no DNS servers at all

1

So I'm running a Cisco 30005 VPN concentrator.

Network Diagram:

[Image: network diagram]

So the Cisco Linux client works fine, I can ping google, and traceroute goes through 192.168.1.1, which is my router. It does normal name resolution stuff on all the steps.

But when a Windows client connects, no hostnames can be resolved. It's not even internal hostnames (I have no internal DNS stuff), it's all hostnames. I cannot ping google.com, but I can ping 173.194.46.38.

With tracert, the first step is the public interface of the VPN, then the router, and then onwards to google (no name resolution, just IPs).

Linux, connected to VPN
mark@Laptop:~$ traceroute google.com
traceroute to google.com (74.125.225.37), 30 hops max, 60 byte packets
 1  * * *
 2  192.168.1.1 (192.168.1.1)  9.569 ms  9.616 ms  9.665 ms
 3  mx80-07-001-resnet-wads-5.tc.mtu.edu (141.219.232.2)  13.059 ms  13.102 ms  13.119 ms
 4  mx960-07-001-rtr-z03-eerc.tc.mtu.edu (141.219.183.122)  13.501 ms  17.128 ms  17.147 ms
 5  mx80-07-002.tc.mtu.edu (141.219.183.97)  17.540 ms  20.541 ms  20.581 ms
 6  xe-0-0-3.hgtn-cor-mtu.mich.net (207.75.40.9)  20.597 ms  14.320 ms  14.290 ms
 7  vlan47.iron-mt-gigsw1.mich.net (198.108.22.41)  21.427 ms  18.776 ms  18.793 ms
 8  xe-5-0-1x69.eq-chi2.mich.net (198.108.22.97)  36.628 ms  38.027 ms  34.386 ms
 9  207.72.112.46 (207.72.112.46)  38.075 ms  37.717 ms  34.649 ms
10  209.85.254.120 (209.85.254.120)  38.147 ms  35.094 ms  34.896 ms
11  209.85.250.28 (209.85.250.28)  34.962 ms  28.178 ms  30.715 ms
12  ord08s06-in-f5.1e100.net (74.125.225.37)  30.733 ms  29.842 ms  28.085 ms

-----------------------------------------------------------------------------------------------------------------
Windows, connected to VPN
C:\Users\Mark>tracert 173.194.46.38

Tracing route to 173.194.46.38 over a maximum of 30 hops

  1     2 ms     2 ms     2 ms  141.219.233.110
  2     2 ms     2 ms     3 ms  192.168.1.1
  3     5 ms     2 ms     2 ms  141.219.232.2
  4     3 ms     2 ms     2 ms  141.219.183.122
  5     2 ms     2 ms     2 ms  141.219.183.97
  6     3 ms     2 ms     2 ms  207.75.40.9
  7     8 ms     7 ms     7 ms  198.108.22.41
  8    25 ms    25 ms    25 ms  198.108.22.97
  9    25 ms    25 ms    25 ms  207.72.112.46
 10    25 ms    25 ms    26 ms  209.85.254.120
 11    26 ms    26 ms    26 ms  209.85.243.53
 12    26 ms    25 ms    25 ms  173.194.46.38

Trace complete.

-----------------------------------------------------------------------------------------------------------------
VPN, from public interface. I can't figure out how to have it try from the private interface.
Traceroute start...
traceroute: Warning: google.com has multiple addresses; using 173.194.46.110
traceroute to google.com (173.194.46.110), 30 hops max, 40 byte packets
source interface: Public (141.219.233.110)
 1  mx80-07-001-resnet-wads-5.tc.mtu.edu (141.219.232.2)  0.388 ms  0.359 ms  0.342 ms
 2  mx960-07-001-rtr-z03-eerc.tc.mtu.edu (141.219.183.122)  0.360 ms  0.354 ms  0.327 ms
 3  mx80-07-002.tc.mtu.edu (141.219.183.97)  0.442 ms  0.406 ms  0.450 ms
 4  xe-0-0-3.hgtn-cor-mtu.mich.net (207.75.40.9)  0.437 ms  0.440 ms  0.403 ms
 5  vlan47.iron-mt-gigsw1.mich.net (198.108.22.41)  5.54 ms  6.83 ms  6.62 ms
 6  xe-5-0-1x69.eq-chi2.mich.net (198.108.22.97)  23.2 ms  23.1 ms  23.4 ms
 7  207.72.112.46 (207.72.112.46)  23.5 ms  23.2 ms  23.4 ms
 8  209.85.254.128 (209.85.254.128)  23.5 ms  27.5 ms  23.6 ms
 9  209.85.245.225 (209.85.245.225)  23.8 ms  23.8 ms  23.9 ms
10  ord08s13-in-f14.1e100.net (173.194.46.110)  23.5 ms  23.7 ms  23.4 ms
Trace complete.

I have the client's DNS servers set to 8.8.8.8 and 8.8.4.4 in the interface IPv4 settings, and the router's DNS servers set to that as well.

The routing table for the VPN is

Address         Mask            Next Hop        Interface   Protocol    Age     Metric
0.0.0.0         0.0.0.0         141.219.232.1   2           Default     0       1
141.219.232.0   255.255.254.0   0.0.0.0         2           Local       0       1
192.168.1.0     255.255.255.0   0.0.0.0         1           Local       0       1

I don't really understand what this means. I assume the introductory networking class I'll hopefully be taking next fall will be helpful with this, but it's less than useful right now.


End goal here is just to feel better about using public wifi somewhere, just so I can run everything through a VPN. Also, access Windows shares.

So what can I do to help figure out what I'm doing wrong?

mtfurlan

Posted 2013-11-14T19:54:11.543

Reputation: 153

Answers

0

I imagine that name resolution works fine when your Windows PCs connect to the internet without passing through the VPN. If so, it means the problem lies in the handling of traffic on port 53 in your school network, and you may try getting around that by adding specific routes to Google's nameservers through your router (192.168.1.1), which would keep DNS requests out of your school VPN. You may try this as an experiment, keeping in mind that you must explicitly add 8.8.4.4/8.8.8.8 in the IPv4 settings, besides providing the routes.

This strange behaviour is associated with a security practice aimed at preventing static IPs on the LAN, because these are harder to identify.

MariusMatutiae

Posted 2013-11-14T19:54:11.543

Reputation: 41 321

So what do you mean by adding specific routes to google's nameservers in the router? I have set 8.8.8.8/8.8.4.4 as the DNS servers on the router (as well as on the Windows client, as I mentioned). Is that what you mean? – mtfurlan – 2013-11-14T22:01:25.240

The only routing stuff I can find for ddwrt is stuff to deal with subnets. – mtfurlan – 2013-11-15T18:38:05.730

I am suggesting to try a solution. If it does not work, turn off your Windows PC, and we are back to square one. On a Windows machine, give the command: route add 8.8.8.0 mask 255.255.255.0 192.168.1.1 Check now whether hostnames can be resolved by loading any outside Web page. – MariusMatutiae – 2013-11-15T18:45:07.493

Okay, after doing that I can't ping google.com. The tracert to 8.8.8.8 is the same till step 10 in the tracert in the question, and then times out three times, but gets to 8.8.8.8 on step 17. Is it useful for you to see? – mtfurlan – 2013-11-15T18:54:59.273

I've done a bit of reading on how routing tables work, and I don't see how that would help, as I can still ping 8.8.8.8 through the VPN. Also, if it was just asking the school DNS servers to resolve names, it would still resolve and work fine. (Don't see how that could happen, as all traffic goes through the VPN anyway.) – mtfurlan – 2013-11-20T17:41:56.920