cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
2,465 Views
Message 11 of 24

Re: VPN not working from BT internet

As the complaint is around DNS & the BT Hubs don't allow anything other than BT DNS, it might be worth setting the Google DNS on the device's NIC properties directly.

2,458 Views
Message 12 of 24

Re: VPN not working from BT internet

Might work but surely the device is not using the hub's DNS at all but is tunnelling via the VPN to the office router and accessing DNS services there.

0 Ratings
Reply
2,456 Views
Message 13 of 24

Re: VPN not working from BT internet

So by default BT routers use BT's pretty decent own DNS servers, and not Google DNS.  It would look like your VPN server is pushing client DNS servers to users, but that this user's machine is then making DNS lookups back over the VPN link but to Google DNS.  This is going to be a setting either in the VPN client or the network settings of the user's machine.  It's not even that hard to over-ride using the routing features with a Draytek router (just route 8.8.8.8 and 8.8.4.4 to the DNS they should be using).
*Using an Asus router with multiple VPN and SDNS services available if they need to be called on
**If the client software is still using WinPCAP or similar, a more modern client could be a fix too!


I only learn by making mistakes and owning up to them - boy do I learn a lot!
0 Ratings
Reply
2,439 Views
Message 14 of 24

Re: VPN not working from BT internet

When you create a vpn client connection, the vpn server normally sends the ip address, mask, dns address etc to the client to use for te connection. In this case it is suggesting that the client has been told to use the google dns server which it is trying to do. If the client is trying to use 8.8.8.8 then it may depend on whether the client is setup to allow split tunnelling or not. I know that by default Cisco client software did not allow that, the result being that any attempt to contact an ip address outside the clients local network would be routed to the vpn server. If the vpn server was also the gateway to the internet then by default the cisco router did not allow incoming packets to be routed (they had to remain on the local network the router was on.  Using a Draytek with the default MS client would allow split tunnelling so ip addresses on the internet could be  contacted directly.  In both cases control was governed by the vpn server and what it sent to the client.

The error message suggests that the client is trying to contact 8.8.8.8 but not through the vpn. It might be worth trying a tracert to see what route is being (or not) taken to the google dns server. 

Is this affecting all or only some BT Internet users?

Are the affected users Mac users? Are the unaffected users Mac users?

2,383 Views
Message 15 of 24

Re: VPN not working from BT internet

Hi @countrypaul 

This is only affecting BT Internet users and all users are on Mac. I will try tracert tomorrow and try and narrow down the issue.

0 Ratings
Reply
2,377 Views
Message 16 of 24

Re: VPN not working from BT internet

0 Ratings
Reply
2,337 Views
Message 17 of 24

Re: VPN not working from BT internet

Yes I have, I don't believe it's actually a DNS issue, more a routing issue.
I cannot access resources with an IP address. If I try to ping an IP I get the error 'no route to host'.

0 Ratings
Reply
2,322 Views
Message 18 of 24

Re: VPN not working from BT internet

Which IPs give an error   those on the users local (home) network, those on the company network or those on the wider Internet (eg bbc.co.uk?)

Are you using IPv4 or IPv6 addresses?

What are the results of a Route print command (not sure what the Mac version is) both when connected to the vpn and not to the vpn?

0 Ratings
Reply
2,314 Views
Message 19 of 24

Re: VPN not working from BT internet

I am trying to ping an AWS hosted database so wider internet.

This is the results of a trace route when NOT connected to the VPN:
traceroute to www.google.co.uk (142.250.200.35), 64 hops max, 52 byte packets
1 192.168.1.254 (192.168.1.254) 3.249 ms 2.464 ms 2.769 ms
2 * * *
3 * * *
4 62.172.102.76 (62.172.102.76) 154.432 ms 6.135 ms
62.172.102.78 (62.172.102.78) 6.507 ms
5 peer2-et4-0-7.slough.ukcore.bt.net (62.172.102.33) 6.842 ms
62.6.204.207 (62.6.204.207) 7.979 ms
peer2-et0-0-7.slough.ukcore.bt.net (62.172.102.5) 7.275 ms
6 109.159.253.237 (109.159.253.237) 9.135 ms
195.99.126.247 (195.99.126.247) 9.533 ms
109.159.253.185 (109.159.253.185) 9.397 ms
7 * * *
8 108.170.234.220 (108.170.234.220) 12.882 ms
142.251.54.26 (142.251.54.26) 9.142 ms
142.251.54.48 (142.251.54.48) 8.765 ms
9 192.178.97.52 (192.178.97.52) 7.848 ms
142.251.52.143 (142.251.52.143) 7.520 ms
108.170.246.143 (108.170.246.143) 7.593 ms
10 lhr48s30-in-f3.1e100.net (142.250.200.35) 8.250 ms
142.250.215.205 (142.250.215.205) 7.856 ms
lhr48s30-in-f3.1e100.net (142.250.200.35) 7.679 ms

And this is when I am connected to the VPN:
traceroute: unknown host www.google.co.uk

And if I try to route to google's DNS then I get:

traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets
traceroute: sendto: No route to host

0 Ratings
Reply
2,306 Views
Message 20 of 24

Re: VPN not working from BT internet

I am hoping the Route print command (or Mac equivalent should shed some light on why.

0 Ratings
Reply