ElTistou-6106 asked

When VPN enabled, lost DNS and DCO / Event ID 8015, 334 ...

Hello all,
On a Windows Server 2019, when I'm connected to the VPN (IKEV), I lose the connection with the local DNS (event ID: 8015).
I lose communication with my DC (event IDs: 334, 5719, 1054).
Of course, when I try to connect to a shared folder (\\nameofcomputer), it doesn't work ... (by IP: yes).
When someone connects to this server, it takes a very long time and the VPN disconnects.
NSLookup shows that the remote DNS is the default one.
So I changed the metric: I entered "1" on my network adapter.
NSLookup shows:
DNS Request timed out
Default server : Unknow
Address : 192.168.0.1

Thanks in advance for your help.








ElTistou-6106 answered

I don't understand why the firewall would be the source of this problem,
because when I'm disconnected from the VPN everything works.

I've deactivated the firewall and the problem is still present.


SunnyQi-MSFT answered

Hi,

Thanks for posting on the Q&A platform.

My understanding is that when the IKEv2 VPN is connected, you cannot connect to the DNS server. From the provided screenshots, my understanding is that the IP address of the VPN connection is 10.59.40.118 and the IP address of the DNS server is 192.168.0.1. Please correct me if my understanding is wrong. Please make sure that these 2 subnets can connect with each other via a specific router.

Best Regards,
Sunny


If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


ElTistou-6106 answered

Hello,

When I'm connected to the VPN, I can't resolve the address with my local DNS.
I can reach it with a ping or with the SMB protocol "\\192.168.0.1".
I have two network cards: one for the local area (192.168.0....) and the other one for the VPN (10.59.40).


Hello,

You have two network cards, and that is probably the problem.

Before the VPN connection, the default gateway is the local network on the local area network card.
After the VPN connection, the default gateway is the VPN with the second network card.

It should be only the network card/default gateway that knows what is local and what is remote/VPN.

You can try to change the metric, but the result will be hazardous.

Regards,



Hello,

In fact, I've tried with one network card and with two, and the result is the same.
With one network card, when I connect to the VPN, nslookup indicates the address 172.11.170.131.
When I change the metric, it indicates 192.168.0.1 (my server) but times out (previous screenshot).
We agree that the box "use default gateway" is unchecked.
So in this case the metric works, but once again: no DNS communication.
However, the ping works.

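A diagnostic sketch for the symptom discussed in this thread (ping to 192.168.0.1 works, but DNS queries to it time out while the VPN is connected). It is an added example, not part of any post above, written in PowerShell for the affected server; `dc01.example.local` is a placeholder name to replace with a real internal record.

```powershell
# Added example. 192.168.0.1 is the local DNS server named in the thread;
# $TestName is a placeholder, replace it with a record that exists in your zone.
$LocalDns = '192.168.0.1'
$TestName = 'dc01.example.local'

# 1. Connected IPv4 interfaces, lowest metric first, with the DNS servers each one carries.
#    Windows orders the DNS servers it tries by interface metric.
Get-NetIPInterface -AddressFamily IPv4 -ConnectionState Connected |
    Sort-Object InterfaceMetric |
    ForEach-Object {
        $dns = Get-DnsClientServerAddress -InterfaceIndex $_.ifIndex -AddressFamily IPv4
        [pscustomobject]@{
            Interface  = $_.InterfaceAlias
            Metric     = $_.InterfaceMetric
            AutoMetric = $_.AutomaticMetric
            DnsServers = $dns.ServerAddresses -join ', '
        }
    } | Format-Table -AutoSize

# 2. Which interface, source address and next hop carry traffic to the DNS server,
#    and whether TCP/53 answers. A successful ping says nothing about port 53.
$tcp = Test-NetConnection -ComputerName $LocalDns -Port 53 -WarningAction SilentlyContinue
[pscustomobject]@{
    Interface = $tcp.InterfaceAlias
    Source    = $tcp.SourceAddress.IPAddress
    NextHop   = $tcp.NetRoute.NextHop
    Tcp53Open = $tcp.TcpTestSucceeded
} | Format-List

# 3. Query the local DNS server directly, first over UDP and then over TCP.
foreach ($tcpOnly in $false, $true) {
    $transport = if ($tcpOnly) { 'TCP' } else { 'UDP' }
    try {
        $r = Resolve-DnsName -Name $TestName -Server $LocalDns -DnsOnly -TcpOnly:$tcpOnly -ErrorAction Stop
        "{0}: answered, {1} record(s)" -f $transport, @($r).Count
    } catch {
        "{0}: failed ({1})" -f $transport, $_.Exception.Message
    }
}

# 4. Name Resolution Policy Table rules in effect; a VPN profile can add rules
#    that send some namespaces to a different DNS server.
Get-DnsClientNrptPolicy -Effective
```

Run it once with the VPN disconnected and once with it connected, then compare the two outputs.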