02-13-2012 07:51 AM
I have a Cisco RV042 router set up on a network with a Microsoft Small Business Server. The server handles the network DHCP (address assignment) as well as all DNS queries (and is a WINS server as well). The connection to the Internet is through a PPPOE service. This means the router's DHCP service is disabled.
When I enable and set up the PPTP VPN on the router and connect to the network remotely using the Windows built-in PPTP client, I can configure the TCP/IP properties for the connection on the remote computer to use the Small Business Server's DNS and WINS services. This means I can browse the network using names rather than just IP addresses. The problem is that this router only supports 5 PPTP connections.
So I went to try the QuickVPN client. It can connect fine and even though the "Use Remote DNS Server" is checked it cannot resolve the names in the remote network. I don't see any settings in the RV042 that allows me to set the DNS server to the internal Small Business Server. The PPPOE connection doesn't have an option to specify DNS servers and unless DHCP is enabled, there is no setting there.
I have both v13 and v3 versions of the RV042 router and don't see any settings for telling the router to also use the Small Business Server DNS for internal name resolution. I saw a previous email on the same subject but no resolution. Is there something I'm missing before trying other solutions?
Just as an FYI the one thing I found different between using the PPTP VPN connection and the QuickVPN connection was that with PPTP all traffic goes through the VPN link whereas with QuickVPN only traffic for the remote network passes through it. This makes the PPTP connection preferred when I'm connecting remotely from a WIFI hotspot as I know that all my browsing is secure.
02-13-2012 08:15 AM
Cooper,
Correct the PPTP - full tunnel Qvpn - split tunnel.
When using Qvpn (selected use remote DNS) this will use the DNS entry within WAN DNS 1 .Since you're using an internal DNS server and if you have a static public ip address you can alter WAN DNS 1 entry to reflect your local DNS server and this should work. Now since Qvpn utility is just a program that allows you to quickly and easily configure Windows IPSec client to connect to our routers we are limited on options can be configured. That being said in your situation seems you need a Router with an actual client. The SA500 series devices will give you 3 options to choose from SSL client & Cisco vpn client – (Which DNS & Domain configurable) 3rd Qvpn option which not best suitable since you’re using internal DNS/Domain.
If you need more information you can always give us a call @ 1-866-606-1866
Hope this helps,
Jasbryan
02-13-2012 09:30 AM
Thanks for your prompt reply. I did see that if I could switch the WAN1 login to STATIC IP or I think even Dynamic IP that I could set the DNS server setting. However when WAN1 is set to PPPOE there is no setting for another DNS server. It would be nice if Cisco could add that since almost all my clients use PPPOE for their internet connection due to cost here in Bell Canada territory. They have a fixed IP as get the same IP every time they log in.
I was thinking of adding another router between the RV042 and the DSL modem that would handle the PPPOE connection so I could use the STATIC IP setting on the RV042. I'll have to work out the pass-thru settings on the additional router so it all works.
Actually the QuickVPN utility will be suitable for my needs as I have people working from home from a fixed workstation. They can then use a VNC setup to connect to their work computer (this is so the office manager can see they are actually working). It minimizes tunnel traffic if they are running web based apps or using a VOIP phone at home. I just noted the difference between the two methods as the PPTP VPN connection comes in handy for users on the road and want security at WIFI hotspots. I never found this explained anywhere in my research.
I like this setup due to cost (QuickVPN is free) and easy configuration (I've worked with Shrew and other paid IPSEC clients with limited success). So far I'm quite happy with the RV042.
02-13-2012 11:05 AM
Cooper,
Qvpn doesn't support NAT-T over ipsec so the RV0xx router. So adding another router in the mix would just complicate things further. How many clients need vpn access?
Jasbryan
02-13-2012 11:21 AM
There were going to be up to 7 separate users. I will investigate the Shrew Client software again. I can't remember if I could specify the DNS or WINS settings in it though. Cost is a factor as I'm already over-budget on the total project. Plus I'm hoping what I learn from this (the VPN part) can be applied at other clients' sites so I don't mind spending the (unbillable) time on it.
02-23-2012 08:33 AM
Just a quick update. I did put another router in front of the RV042 and set the RV042 to use a static IP instead of PPPOE. I could then enter the DNS setting to point to the internal server. IT WORKS! I can connect from outside using QuickVPN and resolve the internal names (has to be the full name like COMPUTER13.DOMAIN.LOCAL).
The modem/router in front handles the PPPOE connection to the internet provider and is set up with DMZ which points to the RV042. I used a fixed address of 192.168.250.2 for the RV042 WAN1 port (the router in front was 192.168.250.1). The internal network is 192.168.3.x.
I've looked at other routers and most provide the option of setting the DNS with the PPPOE connection. Hopefully the RV042 can have this option in a future release.
02-23-2012 02:11 PM
Hello lancooper,
What is the firmware you are using?
The work around to get DNS to work through QVPN up until the 4.1 code was to setup the Internal DNS server address on the WAN ISP information. Now from what I can recall you can set this information under the DHCP tab at the bottom there should be a DNS Server field and a WINs server field.
Cisco Small Business Support Center
Randy Manthey
CCNA, CCNA - Security
02-23-2012 08:14 PM
The RV042 I'm using has firmware version 1.3.13.02-tm (Jan 28 2011 18:39:04). This was for the previous hardware version (I've seen Version 3 of the hardware with the latest firmware and it does not appear to have that function either).
When the WAN Connection Type is set to PPPOE there is no option to specify the DNS servers.
As mentioned in my initial message the DHCP on the RV042 is disabled since the network is running Windows Small Business Server which handles the DHCP assignments. This has been the typical setup at a number of small companies I do work for. Since DHCP on the RV042 is disabled there are no options to specify DNS or WINS server.
It just seems odd that for all the functionality of the RV042 it lacks specifying additional DNS servers for PPPOE (just uses the ones supplied by the Internet Service Provider). This would be useful for those users using alternate DNS servers from Google or OpenDNS. Other models of routers I use do have that capability when using a PPPOE connection.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide