Cisco rv320 Vpn resolving name issue

kwest

kwest

Well-Known Member
Reaction score
540
any help you can give would help a ton.

Using easyvpn setup
Logs in and connects ok
\\server\share doesn't connect
\\ip address\share connects
\\server.domain.com\share connects

Server is windows server 2012 standard.

So to summarize share don't connect unless I use servers fqdn or IP address.


Thanks in advance.
 
I am guessing it is a dns issue or that the vpn router can't access active directory to resolve names. Just not sure what I need to put in dns or the router so that can happen. I have searched google for answers but might end up having to call cisco. I was hoping to avoid that if any of you have worked with this before.

Thanks
 
It is DNS related....yes.
Typically with VPNs, by default you don't have name resolution to the internal host network, so you work with IP addresses.
Depending how the host network is setup, you can get name resolution working through VPN tunnels....through one of several different approaches. Some routers allow local DNS tables to be built.
Some routers allow DNS forwarding
Some people do the old poor mans WINS approach (hosts files)
Some VPN setups allow modifying your TCP/IP entries and you manually set the IP address of the host networks DC as the primary DNS server of the VPN dial up adapter.
 
I found the fix if anyone else runs into this. it is hidden under edit on vpn page

Navigate to VPN -> Summary. Click on "Edit" in "Virtual IP Range" section. And here please fill IPs of your domain controllers.

Hopes this helps someone in the future
 
New issue. Vpn connects and mapped drives all work.
It is very slow to open or work with files. Like 5 minute to open a 86kb word doc.

I called Cisco and they said that I need to add the Vpn ip scope to DNS but not sure how to do that and if that would fix the issue.

Thanks in advance for any help you can give. I am about to just scrap the vpn solution and buy 5 rdp calls for 900 and just have users use Remote Desktop.
 
kwest said:
I found the fix if anyone else runs into this. it is hidden under edit on vpn page

Navigate to VPN -> Summary. Click on "Edit" in "Virtual IP Range" section. And here please fill IPs of your domain controllers.

Hopes this helps someone in the future
Click to expand...

Yup so there's the DNS forwarding feature.
 
kwest said:
New issue. Vpn connects and mapped drives all work.
It is very slow to open or work with files. Like 5 minute to open a 86kb word doc.

I called Cisco and they said that I need to add the Vpn ip scope to DNS but not sure how to do that and if that would fix the issue.

Thanks in advance for any help you can give. I am about to just scrap the vpn solution and buy 5 rdp calls for 900 and just have users use Remote Desktop.
Click to expand...

So there are a lot of factors to the equation here.
*Bandwidth of the office hosting the VPN. Naturally upstream is important here.
*QoS that can be dedicated to the VPN. Say that office has a 30/2 connection. And there are 30x nodes on the network...includiing 2 servers. Some offsite backup. EMail. Including sending. Other general office staff use. Depending on how Microsoft updates and antivirus are handled. You can have a very fat internet pipe...but a handful of users and other services can clog it up quickly. That's why you want to dedicate an amount or at least a percentage to VPN traffic. Some firewalls also allow you to dedicate bandwidth to/from certain hosts (such as the file server)
*How many "concurrent VPN users"? Routers that also do VPN hosting often share a CPU....so they don't have a lot of "balls" sort of speak..to give to VPN users. Some models have a dedicated coprocessor just for the VPN. (I'm not sure on the RV320). But if VPN performance is very important to the client, and especially to many concurrent VPN users...IMO put in a dedicated VPN appliance like a Juniper SA series SSL box. Expensive...yes. But they have serious nut and nothing is faster for remote users.
 
YeOldeStonecat said:
So there are a lot of factors to the equation here.
*Bandwidth of the office hosting the VPN. Naturally upstream is important here.
*QoS that can be dedicated to the VPN. Say that office has a 30/2 connection. And there are 30x nodes on the network...includiing 2 servers. Some offsite backup. EMail. Including sending. Other general office staff use. Depending on how Microsoft updates and antivirus are handled. You can have a very fat internet pipe...but a handful of users and other services can clog it up quickly. That's why you want to dedicate an amount or at least a percentage to VPN traffic. Some firewalls also allow you to dedicate bandwidth to/from certain hosts (such as the file server)
*How many "concurrent VPN users"? Routers that also do VPN hosting often share a CPU....so they don't have a lot of "balls" sort of speak..to give to VPN users. Some models have a dedicated coprocessor just for the VPN. (I'm not sure on the RV320). But if VPN performance is very important to the client, and especially to many concurrent VPN users...IMO put in a dedicated VPN appliance like a Juniper SA series SSL box. Expensive...yes. But they have serious nut and nothing is faster for remote users.
Click to expand...

bandwidth 50 down 10 up
They have just laid people off so currently there are only two people in the office using the file share
No one is using vpn yet. I am the only one logging in an testing.

So because of this I would think it is an issue with dns internally as to why it won't or server security. Do I need to add the vpn ip address scope to dns? What else could cause this?
 
Once you find a file, it's not a name resolution issue....thus it's not related to DNS. I'm guessing (with confidence) that if you open it via IP only.. \\10.1.1.10\shared\test.doc for example...it still opens slowly. Since you network searched for the host/file via IP address...DNS doesn't even step into the equation.
Opening slowly is a bandwidth/throughput factor.
 
Security will be either allowed...or not (do you get a password challenge...if not...you're in. If so..once you satisfy it with user/pass..you're in). There's no "speed" difference.
Speed of connection you're coming from?
Antivirus on server. (temp disable real time protection just for the period of testing)
Antivirus on your workstation. (temp disable real time protection just for the period of testing)
 
You must log in or register to reply here.

Similar threads

C
VM Server reboot has a 169. address.
Replies
3
Views
979
YeOldeStonecat
YeOldeStonecat
HCHTech
Narrowing down a internet issue
Replies
5
Views
406
YeOldeStonecat
YeOldeStonecat
HCHTech
Outlook New rant
Replies
12
Views
743
dcomp12
D
HCHTech
Automating certificate deployment for RDP over VPN
Replies
11
Views
3K
sits
S
tek9
[SOLVED] IPsec VPN and FreePBX provisioning
Replies
4
Views
901
tek9
tek9
Back
Top