1
Vraag
2
Reacties
3
Oplossing
loldean

Level 3
  • 20Posts
  • 1Oplossingen
  • 4Likes

Work VPN connects but unable to access resources

I'm having a problem with my work VPN. Internet works fine and is fast, but there's some settings in the modem/router that seem to be interferring with my work vpn.

 

My work vpn is able to connect successfully, but I'm unable to access any of the resources that are privately available. Specifically servers that our tech company uses for development.

 

I've never had this problem before and when I checked in my old apartment before moving out, it worked instantly again with no problem. It worked in my GF's old apartment and my work. It also worked on my phone hotspot. But not my home wifi. I have the black smart wifi SmartWifi modem (black) | Customer service | Ziggo

 

I've had IPv4 activated but when I run ipconfig on windows powershell it still gives back an IPv6 hex address in the default gateway. I've uninstalled/reinstalled the wifi adapter and did ipconfig /flushdns but neither made any differences. I've unplugged and replugged the modem with no effect.

 

This is a huge priority for me to have fixed as I cannot work from home until it's resolved.

Oplossingen

Geaccepteerde oplossingen
loldean
Topicstarter
Level 3
  • 20Posts
  • 1Oplossingen
  • 4Likes

Okay! I just found a solution!

 

I went to my company's portal (azure) to where they define the DNS Zones (above screenshot). Beforehand I only updated the windows /etc/hosts file with the IPs and names, but by copy/pasting the same values into (ubuntu) WSL's /etc/hosts, I was able to get localhost working. Maybe not the most elegant solution, and I'll need to update whenever the servers are updated, but it works for now.

 

Later will try @tobiastheebe's nslookup to avoid needing to make a giant list of IPs. But for now, I'm at least able to work from home!

 

Big thank you to @tobiastheebe and @efok and @Bert for responding and walking me through various troubleshooting. You helped me understand the problem a bit better (and moral support I wasn't doing this alone).  

Bekijk in context

bertus12

Level 8
  • 215Posts
  • 7Oplossingen
  • 119Likes

The ideal whay to do it, is like this:

 

  • Configure the Azure VPN Gateway for P2S Connection and the proper routes to IP networks beyond the actual connected Azure VNet:
    • This could be IP Routes to the Peered-Azure-VNets (link)
    • This could be IP Routes to the Azure Resources with so called "Service Endpoints"
    • These 2 bullets above require some scripting to go through all Peered-Azure-VNets and Azure Resources with "Service Endpoints". The config is stored in the Azure VPN Gateway P2S Settings.
  • Azure Resources using Private Endpoint should be configured correctly with Azure Private DNS
    • Follow When applicable, follow these instructions: link
  • Make sure you also have a DNS Server running in the Azure VNet
    • This can be really simple like an ACI (Azure Container Instance) running Pi-Hole, where every incomming DNS request is forwarded from the Pi-Hole to the Azure DNS in the VNet: 168.63.129.16
    • The ACI gets an IP Address in the Azure VNet (so that is not 168.63.129.16). Requires some scripting to get that IP. Remember this IP for the below step.
  • Then you come to the config-file for the Azure VPN Client
    • This is configured by an XML file and can be exported from the Azure VPN gateway. Because of the config of the Azure VPN Gateway P2S Settings, the IP routes should be automatically in there.
    • Then manually/scripted, Add (link) the DNS Server of the ACI Instance (running PiHole) to this XML file.

Then you are ready to go:

Distribute the XML file to people who need access. And configuration of the Azure VPN Client will go automatically. No need to do local things to the hosts file or so.

 

Works for Mac and Windows. When properly configured then the Azure VPN Gateway for P2S Connection should also use AzureAD Identities, MultiFactor Authentication and Confitional Access.

Bekijk in context

33 Reacties 33
Meldingen
Aan Uit
Bert

Level 21
T.E.A.M.
  • 79099Posts
  • 5345Oplossingen
  • 23678Likes

Try this:

 

Bert_0-1674033709722.png

 

loldean
Topicstarter
Level 3
  • 20Posts
  • 1Oplossingen
  • 4Likes

Thank you for the response Bert!

 

I've already tried this, and while it does update my default gateway to IPv4, it still doesn't correct my work problem. When I run ipconfig in powershell the default gateway was IPv4 but the IPv6 address was still present (not sure what effect/difference that makes)

 

Perhaps I need to reset something? Over chat another representative confirmed I have IPv4 activated, so if I see IPv6 does that mean I didn't reset something properly?

tobiastheebe

Level 20
T.E.A.M.
  • 35112Posts
  • 2589Oplossingen
  • 17670Likes

After logging in to the modem's web interface at 192.168.178.1 or 192.168.100.1:

 

Could you adjust the firewall settings for IPv4 and (if available) IPv6, disabling all options except 'Firewall security'? See the Advanced settings, Security, Firewall page.

 

What is the MTU value currently set to? See the Advanced settings, Tools, MTU size page.

loldean
Topicstarter
Level 3
  • 20Posts
  • 1Oplossingen
  • 4Likes

I've turning off all the settings and no success. I've tried leaving only IPv4 firewall toggled on (all else turned off) and no success

 

My MTU: 

Gateway MTU size: 1500
 

loldean_0-1674060067529.png

 

 

Should I paste the values of my ipconfig?

tobiastheebe

Level 20
T.E.A.M.
  • 35112Posts
  • 2589Oplossingen
  • 17670Likes

MTU setting is OK, you may re-enable Firewall protection for both IPv4 and IPv6.

 

The ipconfig /all output might reveal something, please post the details of both interfaces (ethernet/Wi-Fi and VPN).

loldean
Topicstarter
Level 3
  • 20Posts
  • 1Oplossingen
  • 4Likes

Just re-enabled firewall security on both IPv4 and IPv6

 

here's the output of ipconfig /all

 

with work VPN

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-AHDJTST
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : arnhem.chello.nl

Wireless LAN adapter Local Area Connection* 1:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 9E-B6-D0-3E-A9-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : AE-B6-D0-3E-A9-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : arnhem.chello.nl
   Description . . . . . . . . . . . : Killer Wi-Fi 6 AX500-DBS Wireless Network Adapter
   Physical Address. . . . . . . . . : 9C-B6-D0-3E-A9-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2a02:a210:8c0:1d80:c4bb:67d2:7e6f:7fcf(Preferred)
   Temporary IPv6 Address. . . . . . : 2a02:a210:8c0:1d80:1ca7:723d:7987:87b0(Preferred)
   Link-local IPv6 Address . . . . . : fe80::466b:659c:5a1a:2fdf%8(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.178.42(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, January 18, 2023 5:29:07 PM
   Lease Expires . . . . . . . . . . : Thursday, January 19, 2023 5:48:20 PM
   Default Gateway . . . . . . . . . : 192.168.178.1
   DHCP Server . . . . . . . . . . . : 192.168.178.1
   DHCPv6 IAID . . . . . . . . . . . : 144488144
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2B-57-16-DC-9C-B6-D0-3E-A9-F9
   DNS Servers . . . . . . . . . . . : 2001:730:3e42:1000::53
                                       2001:730:3e42::53
                                       213.46.228.196
                                       62.179.104.196
   NetBIOS over Tcpip. . . . . . . . : Enabled

PPP adapter vnet-gvr-dev-001:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : vnet-gvr-dev-001
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.249.10.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 28-C2-1F-53-00-F4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter vEthernet (WSL):

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 00-15-5D-70-19-40
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a5c1:b222:431b:7439%44(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.27.208.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 738202973
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2B-57-16-DC-9C-B6-D0-3E-A9-F9
   NetBIOS over Tcpip. . . . . . . . : Enabled

 

 

without work vpn

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-AHDJTST
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : arnhem.chello.nl

Wireless LAN adapter Local Area Connection* 1:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 9E-B6-D0-3E-A9-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : AE-B6-D0-3E-A9-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : arnhem.chello.nl
   Description . . . . . . . . . . . : Killer Wi-Fi 6 AX500-DBS Wireless Network Adapter
   Physical Address. . . . . . . . . : 9C-B6-D0-3E-A9-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2a02:a210:8c0:1d80:c4bb:67d2:7e6f:7fcf(Preferred)
   Temporary IPv6 Address. . . . . . : 2a02:a210:8c0:1d80:1ca7:723d:7987:87b0(Preferred)
   Link-local IPv6 Address . . . . . : fe80::466b:659c:5a1a:2fdf%8(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.178.42(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, January 18, 2023 5:29:07 PM
   Lease Expires . . . . . . . . . . : Thursday, January 19, 2023 5:48:20 PM
   Default Gateway . . . . . . . . . : 192.168.178.1
   DHCP Server . . . . . . . . . . . : 192.168.178.1
   DHCPv6 IAID . . . . . . . . . . . : 144488144
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2B-57-16-DC-9C-B6-D0-3E-A9-F9
   DNS Servers . . . . . . . . . . . : 2001:730:3e42:1000::53
                                       2001:730:3e42::53
                                       213.46.228.196
                                       62.179.104.196
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 28-C2-1F-53-00-F4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter vEthernet (WSL):

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 00-15-5D-70-19-40
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a5c1:b222:431b:7439%44(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.27.208.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 738202973
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2B-57-16-DC-9C-B6-D0-3E-A9-F9
   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Let me find an ethernet adapter to test ethernet and I'll update/respond further with those details. The above is with wifi

 

I also checked a "what is my ip" type of site and I see that it detects me as using IPv4

 

loldean_0-1674061286717.png

 

 

loldean
Topicstarter
Level 3
  • 20Posts
  • 1Oplossingen
  • 4Likes

I made a post but after refreshing I don't see it. So reposting, apologies if this shows as two posts.

 

on wifi WITHOUT vpn

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-AHDJTST
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : arnhem.chello.nl

Wireless LAN adapter Local Area Connection* 1:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 9E-B6-D0-3E-A9-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : AE-B6-D0-3E-A9-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : arnhem.chello.nl
   Description . . . . . . . . . . . : Killer Wi-Fi 6 AX500-DBS Wireless Network Adapter
   Physical Address. . . . . . . . . : 9C-B6-D0-3E-A9-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2a02:a210:8c0:1d80:c4bb:67d2:7e6f:7fcf(Preferred)
   Temporary IPv6 Address. . . . . . : 2a02:a210:8c0:1d80:1ca7:723d:7987:87b0(Preferred)
   Link-local IPv6 Address . . . . . : fe80::466b:659c:5a1a:2fdf%8(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.178.42(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, January 18, 2023 5:29:07 PM
   Lease Expires . . . . . . . . . . : Thursday, January 19, 2023 5:48:20 PM
   Default Gateway . . . . . . . . . : 192.168.178.1
   DHCP Server . . . . . . . . . . . : 192.168.178.1
   DHCPv6 IAID . . . . . . . . . . . : 144488144
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2B-57-16-DC-9C-B6-D0-3E-A9-F9
   DNS Servers . . . . . . . . . . . : 2001:730:3e42:1000::53
                                       2001:730:3e42::53
                                       213.46.228.196
                                       62.179.104.196
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 28-C2-1F-53-00-F4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter vEthernet (WSL):

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 00-15-5D-70-19-40
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a5c1:b222:431b:7439%44(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.27.208.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 738202973
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2B-57-16-DC-9C-B6-D0-3E-A9-F9
   NetBIOS over Tcpip. . . . . . . . : Enabled

 

on wifi WITH vpn

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-AHDJTST
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : arnhem.chello.nl

Wireless LAN adapter Local Area Connection* 1:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 9E-B6-D0-3E-A9-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : AE-B6-D0-3E-A9-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : arnhem.chello.nl
   Description . . . . . . . . . . . : Killer Wi-Fi 6 AX500-DBS Wireless Network Adapter
   Physical Address. . . . . . . . . : 9C-B6-D0-3E-A9-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2a02:a210:8c0:1d80:c4bb:67d2:7e6f:7fcf(Preferred)
   Temporary IPv6 Address. . . . . . : 2a02:a210:8c0:1d80:1ca7:723d:7987:87b0(Preferred)
   Link-local IPv6 Address . . . . . : fe80::466b:659c:5a1a:2fdf%8(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.178.42(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, January 18, 2023 5:29:07 PM
   Lease Expires . . . . . . . . . . : Thursday, January 19, 2023 5:48:19 PM
   Default Gateway . . . . . . . . . : 192.168.178.1
   DHCP Server . . . . . . . . . . . : 192.168.178.1
   DHCPv6 IAID . . . . . . . . . . . : 144488144
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2B-57-16-DC-9C-B6-D0-3E-A9-F9
   DNS Servers . . . . . . . . . . . : 2001:730:3e42:1000::53
                                       2001:730:3e42::53
                                       213.46.228.196
                                       62.179.104.196
   NetBIOS over Tcpip. . . . . . . . : Enabled

PPP adapter vnet-gvr-dev-001:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : vnet-gvr-dev-001
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.249.10.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 28-C2-1F-53-00-F4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter vEthernet (WSL):

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 00-15-5D-70-19-40
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a5c1:b222:431b:7439%44(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.27.208.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 738202973
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2B-57-16-DC-9C-B6-D0-3E-A9-F9
   NetBIOS over Tcpip. . . . . . . . : Enabled

 

loldean
Topicstarter
Level 3
  • 20Posts
  • 1Oplossingen
  • 4Likes

Weird, I am making responses but they don't seem to be appearing. Making a 3rd post. Apologies if this all shows up at once.

 

without work vpn

Windows IP Configuration


Wireless LAN adapter Local Area Connection* 1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . : arnhem.chello.nl
IPv6 Address. . . . . . . . . . . : 2a02:a210:8c0:1d80:c4bb:67d2:7e6f:7fcf
Temporary IPv6 Address. . . . . . : 2a02:a210:8c0:1d80:1ca7:723d:7987:87b0
Link-local IPv6 Address . . . . . : fe80::466b:659c:5a1a:2fdf%8
IPv4 Address. . . . . . . . . . . : 192.168.178.42
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.178.1

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Ethernet adapter vEthernet (WSL):

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::a5c1:b222:431b:7439%44
IPv4 Address. . . . . . . . . . . : 172.27.208.1
Subnet Mask . . . . . . . . . . . : 255.255.240.0
Default Gateway . . . . . . . . . :

 

 

with work vpn

Windows IP Configuration


Wireless LAN adapter Local Area Connection* 1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . : arnhem.chello.nl
IPv6 Address. . . . . . . . . . . : 2a02:a210:8c0:1d80:c4bb:67d2:7e6f:7fcf
Temporary IPv6 Address. . . . . . : 2a02:a210:8c0:1d80:1ca7:723d:7987:87b0
Link-local IPv6 Address . . . . . : fe80::466b:659c:5a1a:2fdf%8
IPv4 Address. . . . . . . . . . . : 192.168.178.42
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.178.1

PPP adapter vnet-gvr-dev-001:

Connection-specific DNS Suffix . :
IPv4 Address. . . . . . . . . . . : 10.249.10.3
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Ethernet adapter vEthernet (WSL):

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::a5c1:b222:431b:7439%44
IPv4 Address. . . . . . . . . . . : 172.27.208.1
Subnet Mask . . . . . . . . . . . : 255.255.240.0
Default Gateway . . . . . . . . . :

tobiastheebe

Level 20
T.E.A.M.
  • 35112Posts
  • 2589Oplossingen
  • 17670Likes

Which type of VPN application/tunnel is being used?

 

Could you run a traceroute to a host behind the VPN tunnel and post the redacted output?

loldean
Topicstarter
Level 3
  • 20Posts
  • 1Oplossingen
  • 4Likes

I'm using Azure VPN client

 

What command is the traceroute on powershell? And by host do you mean any website (like google.com) or the website of the resource I'm trying to access?

loldean
Topicstarter
Level 3
  • 20Posts
  • 1Oplossingen
  • 4Likes

Aha, here's a tracert to google.com with the VPN on

 

Tracing route to google.com [216.58.214.14]
over a maximum of 30 hops:

1 3 ms 3 ms 3 ms 192.168.178.1
2 * * * Request timed out.
3 13 ms 16 ms 11 ms

tobiastheebe

Level 20
T.E.A.M.
  • 35112Posts
  • 2589Oplossingen
  • 17670Likes

Example: tracert companyserver.com

 

Unless the Azure VPN Client is configured for full tunnel, traffic to a public internet resource such as Google will not pass through the tunnel. Since the traceroute to Google is using Wi-Fi as the outbound interface, this implies split tunnel is in use.

loldean
Topicstarter
Level 3
  • 20Posts
  • 1Oplossingen
  • 4Likes

I did all the following with the VPN turned on

 

I did a test with the production site (no vpn needed, available to public) and the development version (vpn needed)

 

Tracing route to [production site].nl

[20.101.213.75]
over a maximum of 30 hops:

1 3 ms 2 ms 2 ms 192.168.178.1
2 * * * Request timed out.
3 13 ms 12 ms 11 ms asd-[redacted]-201.core.as33915.net [213.51.164.13]
4 8 ms 16 ms 13 ms asd-[redacted]-2.core.as33915.net [213.51.7.114]
5 11 ms 8 ms 9 ms nl-[redacted]-50.core.as9143.net [213.51.64.58]
6 14 ms 9 ms 10 ms ae61[redacted]-1b.ntwk.msn.net [104.44.13.122]
7 11 ms 10 ms 14 ms ae29-[redacted]-2.ams30.ntwk.msn.net [104.44.239.81]
8 * * * Request timed out.
9 * * * Request timed out.
10 *

 


> tracert [development link].nl
Unable to resolve target system name [development link].nl.

loldean
Topicstarter
Level 3
  • 20Posts
  • 1Oplossingen
  • 4Likes

Other troubleshooting:

 

I tried updating the /etc/hosts file (on windows not wsl) with some direct server links and the ipaddress 

 

10.[redacted].254 app.[development server].nl

 

This got the site to load, but won't work while developing (react app with a server using localhost:5000 and localhost:3000). I'm assuming there's a more exhaustive list of servers to add.

 

But this solution is not needed on any other wifi that i connect to. Really don't want to have to keep updating a hosts file when it seems the problem is with something on my home wifi.

tobiastheebe

Level 20
T.E.A.M.
  • 35112Posts
  • 2589Oplossingen
  • 17670Likes

Which server is being used for DNS lookups to development FQDNs? You may verify this by running the command below. Since the servers are using internal (RFC 1918) IP addresses, the Azure DNS server as provided by the VPN tunnel must be used, instead of Ziggo's or other public DNS servers.

 

nslookup app.[developmentserver].nl

loldean
Topicstarter
Level 3
  • 20Posts
  • 1Oplossingen
  • 4Likes

The public site isn't actually available to be queried/nslookup I think. Even though it says server unknown, anyone can access the production site.

 

> nslookup app.[production/public site].nl
Server: UnKnown
Address: 2001:730:3e42:1000::53

*** UnKnown can't find app.[production/public site].nl: No response from server


> nslookup app.[development site].nl
Server: UnKnown
Address: 2001:730:3e42:1000::53

*** UnKnown can't find app.[development site].nl: No response from server

 

For reference, without VPN

> nslookup google.com
Server: UnKnown
Address: 2001:730:3e42:1000::53

*** UnKnown can't find google.com: No response from server

tobiastheebe

Level 20
T.E.A.M.
  • 35112Posts
  • 2589Oplossingen
  • 17670Likes

Are these the same FQDNs that you included in the hosts file? If so, that would explain these results. The IPv6 address belongs to one of Ziggo's DNSv6 servers, which cannot be used for lookups to the company servers with local IP addresses.

 

Is IPv6 still disabled on your PC's Wi-Fi interface? The previous ipconfig outputs imply it is enabled.

loldean
Topicstarter
Level 3
  • 20Posts
  • 1Oplossingen
  • 4Likes

I reenabled it to avoid setting a bunch of settings, but just disabled it again on my computer's wifi properties.

 

Right now doing a reset on my SmartWifi modem (held the reset button for 20 seconds). 

 

I'll post the lookups again once wifi is up, and before I run the nslookup I'll reset my hosts file to default.

loldean
Topicstarter
Level 3
  • 20Posts
  • 1Oplossingen
  • 4Likes

Okay wifi is up. Have the VPN toggled ON:

These addresses are different from what I added to my hosts file previously

10.13.15.254 app.[development].nl

 

Before I edited hosts:

> nslookup google.com
Server: ns02.upclive.nl
Address: 213.46.228.196

Non-authoritative answer:
Name: google.com
Addresses: 2a00:1450:400e:811::200e
142.251.39.110

 

> nslookup app.[production].nl
Server: ns02.upclive.nl
Address: 213.46.228.196

Non-authoritative answer:
Name: app.[production].nl
Address: 20.101.213.75

 

> nslookup app.[development].nl
Server: ns02.upclive.nl
Address: 213.46.228.196

DNS request timed out.
timeout was 2 seconds.
*** Request to ns02.upclive.nl timed-out

 

after I edited hosts to be default

 

> nslookup google.com
Server: ns02.upclive.nl
Address: 213.46.228.196

Non-authoritative answer:
Name: google.com
Addresses: 2a00:1450:400e:811::200e
142.251.39.110

 

> nslookup app.[production].nl
Server: ns02.upclive.nl
Address: 213.46.228.196

Non-authoritative answer:
Name: app.[production].nl
Address: 20.101.213.75

 

> nslookup app.[development].nl
Server: ns02.upclive.nl
Address: 213.46.228.196

DNS request timed out.
timeout was 2 seconds.
*** Request to ns02.upclive.nl timed-out

 

ipconfig /all (with ipv6 disabled on my laptop)

 

Windows IP Configuration

Host Name . . . . . . . . . . . . : DESKTOP-AHDJTST
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : arnhem.chello.nl

Wireless LAN adapter Local Area Connection* 1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : 9E-B6-D0-3E-A9-F9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
Physical Address. . . . . . . . . : AE-B6-D0-3E-A9-F9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . : arnhem.chello.nl
Description . . . . . . . . . . . : Killer Wi-Fi 6 AX500-DBS Wireless Network Adapter
Physical Address. . . . . . . . . : 9C-B6-D0-3E-A9-F9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.178.42(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, January 18, 2023 7:27:21 PM
Lease Expires . . . . . . . . . . : Thursday, January 19, 2023 7:28:15 PM
Default Gateway . . . . . . . . . : 192.168.178.1
DHCP Server . . . . . . . . . . . : 192.168.178.1
DNS Servers . . . . . . . . . . . : 213.46.228.196
62.179.104.196
NetBIOS over Tcpip. . . . . . . . : Enabled

PPP adapter vnet-gvr-dev-001:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : vnet-gvr-dev-001
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.249.10.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 28-C2-1F-53-00-F4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter vEthernet (WSL):

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter
Physical Address. . . . . . . . . : 00-15-5D-70-19-40
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a5c1:b222:431b:7439%44(Preferred)
IPv4 Address. . . . . . . . . . . : 172.27.208.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.240.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 738202973
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2B-57-16-DC-9C-B6-D0-3E-A9-F9
NetBIOS over Tcpip. . . . . . . . : Enabled