----- Original Message -----
Sent: Tuesday, March 27, 2001 9:42
AM
Subject: [FW1] Split DNS
Hi there,
We just experienced an issue that seemed to be a split-dns
problem and I was wondering if anyone else had encountered this or had any
thoughts on it.
Some background:
We employ split DNS
to allow our vpn users to access internal network resources. We do not use
WINS and instead use DNS for all name resolution. In our DHCP scope, we listed
4 DNS servers. Recently, we cut that down to 2 and we removed the servers from
the DHCP scope that users were using for split DNS.
After we had made that change, some users were complaining
they could not access anything outside our network when they were plugged
directly into our internal LAN. It turns out that the only users who were
having the problem were those who had SecuRemote installed on their laptops.
They could not resolve any names, except through broadcasting. They're all on
Win2K machines and I tried to do nslookups, but it wouldn't recognize either
of our 2 DNS servers that were in the DHCP scope. If I killed the SecuRemote
client on their machines, the problem stopped and everything was
tickety-boo.
We changed the dnsinfo file on the firewall to reflect the new
DNS servers and had everyone update their clients and all is fine
now.
What happened? It almost looks like SecuRemote is still active
even if you're connected to the local LAN. Has anyone else had anything like
this happen?
Rob Michayluk
Computer Network
Services Analyst
ACD Systems Limited
Tel:
Fax: (250)
544-0291
[email protected]
www.ACDSYSTEMS.com
Come meet the ACD
Systems Team!
CeBIT 2001, Hannover,
Germany, March 22-28, Location 009, Stand B45/2
MacWorld 2001, New
York, July 18-20, Booth 1331
Comdex Fall 2001,
November 12 - 16