Issue: Unable to Access Corp Intranet While Connected to Satellite Office Network VS Can Access When Connected to Corp VPN

Step 1: obtain information from DNS servers differences between VPN vs Non-VPN connections

Obtain network info while CONNECTED to VPN

PS C:\Windows\system32> nslookup fileserver01.hooli.com
================================================================
Server: vpndns007.hooli.com
Address: 007.007.007.007
Non-authoritative answer:
Name: fileserver01.hooli.com
Address: 006.006.006.006
PS C:\Windows\system32> route print 6.6.0.0
===========================================================================
Interface List
8...00 09 0f aa 00 01 ......Fortinet SSL VPN Virtual Ethernet Adapter
9...00 0c 29 7a 20 5e ......Intel(R) 82574L Gigabit Network Connection
7...00 09 0f fe 00 01 ......Fortinet Virtual Ethernet Adapter (NDIS 6.30)
1...........................Software Loopback Interface 1
22...c2 15 b9 3d 9b a9 ......Hyper-V Virtual Ethernet Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
6.6.0.0 255.255.0.0 6.6.254.254 006.006.254.185 1
===========================================================================

Obtain network info while NOT on VPN

PS C:\Windows\system32> nslookup fileserver01.hooli.com
===========================================================================
Server: UnKnown
Address: 500.500.500.500
Non-authoritative answer:
Name: fileserver01.hooli.com
Address: 006.006.006.006
PS C:\Windows\system32> route print 6.6.0.0
===========================================================================
Interface List
8...00 09 0f aa 00 01 ......Fortinet SSL VPN Virtual Ethernet Adapter
9...00 0c 29 7a 20 5e ......Intel(R) 82574L Gigabit Network Connection
7...00 09 0f fe 00 01 ......Fortinet Virtual Ethernet Adapter (NDIS 6.30)
1...........................Software Loopback Interface 1
22...c2 15 b9 3d 9b a9 ......Hyper-V Virtual Ethernet Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
NONE
===========================================================================

Step 2: Interpret the output of previous step

From the results of the outputs, we can assume that the VPN-DNS vs Non-VPN DNS servers are yielding the same result of the target node. However, the Non-VPN connection is missing the route toward that target. Therefore, the fix is to add a route at the satellite office’s gateway toward the target’s network.

Leave a Reply

Your email address will not be published. Required fields are marked *