Cannot Resolve DNS in Windows 7 x86 SP1 with Cisco VPN 5.0.07.0290

btate · ‎06-24-2011

Hello all,

I am unfortately the only IT staff now for 100 - 150 users in my organization besides a consultant who doesn't have an answer for this issue even though he sold us the hardware and environment. While I realize that this version of the Cisco VPN doesn't support Windows 7, we do have some Windows 7 PC's that have the software and work perfectly fine upon install. In this case, I am at a remote location with both a Windows XP SP3 and Windows 7 SP1 computer. Both have the same Cisco client installed and connect to our ASA5520.

I cannot get DNS resolution out of this computer to any remote network resources or other domains such as cnn.com including localhost. Adding the entries manually in the hosts file does nothing and I even tried removing the VPN client, the network connections and components and even a manual winsock reset. I cannot resolve internet DNS but can ping all internal IP addresses. The Windows XP computer across from me has no issues. This seems like a hit or miss here but what am I missing here, any ideas people? I am not going to update any VPN clients as we still don't have computers who are functional so I need to spend money where it counts before I upgrade computers and I cannot perform a downgrade on this model because the previous person who bought it didn't bother to check Windows XP compatibility before they installed them in 10+ communities. Any help is much appreciated. Thank you!

Here's my IP config - FYI all works well when not connected to the VPN for general web domains.

C:\Users\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : GHN-Green-S01
   Primary Dns Suffix . . . . . . . : grandhomes.com
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : grandhomes.com

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix . : grandhomes.com
   Description . . . . . . . . . . . : Cisco Systems VPN Adapter
   Physical Address. . . . . . . . . : 00-05-9A-3C-78-00
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ad46:a618:4493:ce2c%21(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.4.4.84(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 452986266
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-DB-6C-60-84-2B-2B-93-C4-E6

   DNS Servers . . . . . . . . . . . : 172.16.10.17
                                       172.16.10.18
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix . : gateway.2wire.net
   Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
   Physical Address. . . . . . . . . : 84-2B-2B-93-C4-E6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f8db:4ff6:a192:cc91%16(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.71(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, June 24, 2011 12:29:05 PM
   Lease Expires . . . . . . . . . . : Saturday, June 25, 2011 12:29:04 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 277097259
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-DB-6C-60-84-2B-2B-93-C4-E6

DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . : gateway.2wire.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:824:d5f:3f57:feb8(Prefer
red)
   Link-local IPv6 Address . . . . . : fe80::824:d5f:3f57:feb8%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.grandhomes.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . : grandhomes.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

C:\Users\Administrator>nslookup cnn.com

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 172.16.10.17

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
*** Request to UnKnown timed-out

C:\Users\Administrator>nslookup ghn-green-s01.grandhomes.com

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 172.16.10.17

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
*** Request to UnKnown timed-out

C:\Users\Administrator>

LEKANADE23 · ‎06-30-2011

To resolve the DNS issue with the windows 7 on VPN.

Connect the VPN client to the headend VPN server then go the adapter setting of the vpn client.

From the general property click advance, then click the DNS tab and change the append dns to the second one.

This problem occurs when you connect RA client using USB internet modem. this will not happen if rj45 or wireless connection is used.

btate · ‎10-06-2011

This was not a USB modem - therefore this problem occurs in other scenarios. Here's what I have determined and is most certainly what I see most common and has resolved 9 in 10 of these issues.

These computers (some XP SP3 and others Windows 7 SP1) are connected via Ethernet to either AT&T U-Verse or Verizon FiOS services. It seems that the order in which Windows is looking to resolve DNS requests on an adapter is most likely the cause.

In Windows XP, open the Control Panel and Choose Network Connections then Advanced > Advanced Settings.

Make sure the Cisco Adapter has priority over the other connections.

In Windows Vista, Windows 7 make sure you open Network and Sharing Center > Manage Adapter Settings. You may need to hold down the ALT button to see the Advanced > Advanced Settings Options.

CiscoUSA625 · ‎06-05-2014

1) Determine which adapter has the correct DNS Settings you want to use:

- @ a command prompt: ipconfig /all

(It will show you all the adapters: Local Area Connection, Local Area Connection 2, Wireless Network Connection, Wireless Network Connection)

2) WIndows 7 Machines refer to http://support.microsoft.com/kb/2526067 (It has images if you are lost)

-Make the adapter you want with the correct DNS Settings the 1st in the list, no reboot needed and now it will use those DNS settings.