Re: Network Connect DNS Resolution Issue in Vista

drf_ · ‎01-28-2009

On Windows Vista, if split-tunneling is disabled with Network Connect, I have found that DNS requests still get sent to the local ISP (or local LAN) DNS servers. These requests will timeout since split tunneling is disabled and the ISP's DNS servers are not accessible.

This causes delays in IP resolution when the user is trying to use a short name instead of the fully qualified domain name which is typical of most end users when accessing file shares.

Also it explicitly states in the admin guide that the expected behavior is this: "If you disable split-tunneling, all DNS requests go to the IVEÕs DNS server and your setting for the DNS search order preference does not apply." (pg. 609)

This problem does not occur on Windows XP
I tried another VPN client from Nortel Networks and it does not exhibit this behavior. It works properly and only uses the VPN DNS servers.

JTAC claims this is a Vista problem, but I am skeptical. Has anyone else seen this problem?

We are using 6.3R2 and tested this on Vista SP1

bar0k_ · ‎01-30-2009

This is a Vista issue because of Multi-homing DNS query.

Yves_ · ‎04-06-2009

Hi,

I encountered a similar problem with the Juniper VPN client and Cisco IP Communicator (CIPC). DNS resolution didn't work on the lan interface, but worked on the wireless interface with the VPN client. If we uninstalled CIPC, the VPN client work fine.

IPv6 was disable on the Vista SP1 computer. I uninstalled the client Juniper and CPIC, reactivated IPv6 and restarted. Then, I reinstalled the Juniper VPN client and CIPC, after that everything work fine.

We encountered this issue with 6.3r3 and 6.4r1.

Yves