Hi there!

My client got an issue with RA VPN and DNS records and I'll highly appreciate if someone could explain or resolve this issue.

The client has reported that all the company staffs are using AnyConnect VPN to access their internal corporate networks and also they're using SCCM and CMRC to remote onto other VPN user’s laptops.

Basically, when the client was remotely connected to a laptop with computer name for example L0002867 and had to reboot the computer. After the reboot, the user logged back in and connected to the VPN. The client then tried to remote onto the laptop with the computer name and it came up with a CMRC error  saying that he doesn't have permission to connect (although he has permission to remote onto all computers on the network). He pinged the laptop number which gave him an IP address of 10.10.251.13. When he remoted onto the computer using this IP, he was put onto a completely different computer. When we  checked the DNS and found that the IP for L0002867 was actually 10.10.251.41. He tried to connect using this IP which got me back onto the laptop. This issue happens all the time with different computer names.

We did ask the client to clear the local DNS cache using "ipconfig /flushdns" .

The fact that the issue might be because it's a VPN client he's trying to remote onto. When a Windows computer gets a DHCP address from the DHCP server, it will try to update it's A record in the domain DNS server. As it's on a VPN, it is most likely unable to do that, so the DNS record will always be wrong for clients on the VPN.