ISEKI CISCO SYSTEMS OL-5450-10 User Manual

Usage Notes

30

Release Notes for VPN Client, Release 4.0 through Release 4.0.5.D

OL-5450-10

The VPN Client, Release 4.0, with Virtual Adapter attempts to modify local route
metrics to allow data to pass over the VPN tunnel. In some cases, it is impossible
for the VPN Client to make this modification (CSCdz38680).

To work around this problem, make the change manually, using the following
procedure:

Step 1

Run > Control Panel > Network and Dialup Connections.

Step 2

Right-click on the adapter in question and select Properties.

Step 3

From the Adapter Properties dialog, select TCP/IP from the list and click
Properties.

Step 4

Click Advanced and increase the number in the “Interface metric” box by 1 (it is
usually 1, so making it 2 works).

Step 5

Click OK to exit out of all dialogs.

Step 6

The VPN connection should now work.

DNS Server on Private Network with Split DNS Causes Problems

When an ISP’s DNS server is included in the Split Tunneling Network List and
Split DNS Names are configured, all DNS queries to domains other than those in
the Split DNS Names list are not resolved.

By definition, split DNS is used so that only certain domains get resolved by
corporate DNS servers, while rest go to public (ISP-assigned) DNS servers. To
enforce this feature, the VPN Client direcds DNS queries that are about hosts on
the Split DNS Names list to corporate DNS servers, and discards all DNS queries
that are not part of the Split DNS Names list.

The problem is when the ISP-assigned DNS servers are in the range of the Split
Tunneling Network List. In that case, all DNS queries for non-split-DNS
domains are discarded by the VPN Client.

To avoid this problem, remove the ISP-assigned DNS server from the range of the
Split Tunneling Network List, or do not configure split DNS (CSCee66180).