 From:  Brian Morton <rokclimb15 at gmail dot com>
 To:  Falcor <falcor at netassassin dot com>
 Cc:  Lee Sharp <leesharp at hal dash pc dot org>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Register DHCP leases in DNS forwarder not working over PPTP
 Date:  Mon, 12 Feb 2007 23:35:00 -0500
You are correct about my setup.  It is as you described it (with the DNS 
forwarder).  However, it seems that nslookup on Windows XP gives up when 
it tries to find the hostname on the first DNS server (primary local 
DNS, provided by my ISP, Speakeasy).  It doesn't subsequently try my 
secondary local or primary PPTP (m0n0wall).  If I manually specify

nslookup <remote NetBIOS hostname to try>

where is my m0n0wall address, it succeeds.  However, the XP 
networking stack doesn't seem to have the sense to do this on its own.

Falcor wrote:
> What are you using for the DHCP server for the PPTP network?  If you 
> are using the m0n0wall for this:  The DNS servers entered in System: 
> General setup <https://m0n0wall/system.php> (or the DNS forwarder 
> <https://m0n0wall/services_dnsmasq.php>, if enabled) will be assigned 
> to clients by the DHCP server.  The PPTP "Server address" will also be 
> added as a DNS server... thus the DNS lookup will still hit the 
> m0n0wall.  Unless of course you are redirecting the PPTP connections 
> to another PPTP server.
> Brian Morton wrote:
>> I have figured out the issue, now I just need to figure out how to fix it.
>> By default, m0n0wall only includes a rule to allow TCP traffic from the PPTP
>> clients.  Since DNS is a UDP protocol, all DNS lookups from PPTP clients
>> were being blocked.  I added a rule to allow all UDP traffic over the
>> interface, and this resolved the issue of being able to resolve names.
>> Unfortunately, it appears Windows XP tries the local DNS servers for my
>> network interface before trying the one on my PPTP interface.  This means
>> that when I try to resolve a hostname on the m0n0wall network, it first
>> attempts my primary local DNS server, which is a public DNS server for my
>> ISP.  This lookup fails, and it assumes that the host does not exist.  Is
>> there any way to make the DNS server served by the PPTP server take priority
>> over my local DNS?
>> On 2/12/07, Lee Sharp <leesharp at hal dash pc dot org> wrote:
>>> On Mon, 12 Feb 2007 14:44:36 -0500
>>>   Brian Morton <rokclimb15 at gmail dot com> wrote:
>>> > I am running 1.23b3 pc-generic on a PII 300 with 128MB RAM.  This is
>>> >my first set up at this location, so I can't say if this feature
>>> >worked prior to this version.  I have the option set to "register
>>> >dhcp leases in DNS forwarder".  In my prior experience with m0n0wall,
>>> >this should cause a Windows computer name to resolve to the internal
>>> >ip address (for instance, a computer named "brian" should resolve to
>>> >an internal address when "brian" is pinged).  This does not seem to
>>> >be the case when I connect via PPTP.
>>> Do an "ipconfig" on the machine you are tunneling in on.  I bet your
>>> DNS is NOT the remote m0n0wall.  And it will need to be to find those
>>> names.
>>>                            Lee
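
Added example (not part of the original thread): a small diagnostic that sends the same A query over UDP/53 to each resolver in turn, so that a filtered path (no reply, as with the TCP-only PPTP rule) can be told apart from a resolver that answers but does not know the name (NXDOMAIN, as with the ISP server). The server addresses are documentation-range placeholders and the function names are illustrative.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid=0x1234):
    """Build a DNS A-record query (RFC 1035) with the recursion-desired bit set."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_reply(data, txid=0x1234):
    """Return (rcode_name, answer_count) from a reply header; ValueError if not ours."""
    if len(data) < 12:
        raise ValueError("short DNS reply")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:  # wrong transaction id or QR bit clear
        raise ValueError("not a reply to our query")
    rcode = flags & 0x000F
    return RCODES.get(rcode, "RCODE%d" % rcode), ancount

def probe(server, name, timeout=2.0):
    """Query one resolver over UDP/53 and classify the outcome."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, 53))
            return parse_reply(s.recvfrom(512)[0])
        except OSError:            # includes socket timeouts and unreachable hosts
            return ("NO_REPLY", 0)
        except ValueError:
            return ("MALFORMED", 0)

def explain(result):
    rcode, answers = result
    if rcode == "NO_REPLY":
        return "no reply: UDP/53 may be filtered on this path, or the server is down"
    if rcode == "NXDOMAIN":
        return "server reachable but does not know this name"
    if rcode == "NOERROR" and answers:
        return "resolved"
    return "unexpected result: " + rcode

if __name__ == "__main__":
    # Placeholder resolver addresses: substitute the ISP and m0n0wall DNS servers.
    for server in ("192.0.2.53", "198.51.100.1"):
        print(server, explain(probe(server, "brian")))
```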