VPN

All posts tagged VPN

While working on a project I came across a problem for the VPN users. The VPN users' machines were not registering their VPN-assigned IPs with the DNS server, and therefore the servers were not able to locate them by their machine names. The setting “Register this connection’s addresses in DNS” (as shown in the screenshot below) makes this happen, and it is not on/checked by default.

After doing a lot of googling I found out that the PowerShell commands to change the network adapter properties won’t work, since the VPN connection adapter is only visible when the VPN is connected, or in other words when the VPN connection is in use. I also found out that these settings are stored in the file “rasphone.pbk”. Now the problem is that this file can exist in the following folders based on how the VPN connection was configured:

C:\ProgramData\Microsoft\Network\Connections\Pbk\rasphone.pbk
C:\Users\USERNAME\AppData\Roaming\Microsoft\Network\Connections\Pbk\rasphone.pbk

So, to set this setting however the VPN was configured, I wrote the following script, which resolved our issue.

# Per-user phone books (VPN connections created for a single user)
$users = Get-ChildItem C:\Users
foreach ($user in $users) {
	$RASPhoneBook = "$($user.FullName)\AppData\Roaming\Microsoft\Network\Connections\PBK\rasphone.pbk"
	If (Test-Path $RASPhoneBook) {
		# IpDnsFlags=1 turns on "Register this connection's addresses in DNS"
		(Get-Content $RASPhoneBook) -Replace 'IpDnsFlags=0', 'IpDnsFlags=1' | Set-Content $RASPhoneBook
	}
}

# Per-user hidden phone books
foreach ($user in $users) {
	$RASPhoneBook = "$($user.FullName)\AppData\Roaming\Microsoft\Network\Connections\PBK\_hiddenPbk\rasphone.pbk"
	If (Test-Path $RASPhoneBook) {
		(Get-Content $RASPhoneBook) -Replace 'IpDnsFlags=0', 'IpDnsFlags=1' | Set-Content $RASPhoneBook
	}
}

# Machine-wide phone book (VPN connections created for all users)
$RASPhoneBook = "C:\ProgramData\Microsoft\Network\Connections\Pbk\rasphone.pbk"
If (Test-Path $RASPhoneBook) {
	(Get-Content $RASPhoneBook) -Replace 'IpDnsFlags=0', 'IpDnsFlags=1' | Set-Content $RASPhoneBook
}

What it does is this: first it looks for this file in the specified folders for all the users, and when it finds the file, it sets “Register this connection’s addresses in DNS”. Then it looks for the file in the “C:\ProgramData” folder, and if it finds the file there, it sets the setting there also. This resolved the issue for us on all the machines.
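Because the script above rewrites every entry in every phone book it finds, it helps to see which VPN entries currently have the flag off before and after running it. The following read-only audit is an added example, not part of the original script; the function name `Get-PbkDnsFlags`, its output fields and the sample entry names are made up for illustration, and it assumes each connection in rasphone.pbk starts with a `[Name]` section header.

```powershell
# Added example: list IpDnsFlags per phone book entry without modifying any file.
# Get-PbkDnsFlags is a hypothetical helper name, not a built-in cmdlet.
function Get-PbkDnsFlags {
    param([string[]]$Lines, [string]$Source = '(inline)')
    $entry = $null
    foreach ($line in $Lines) {
        if ($line -match '^\[(.+)\]\s*$') {
            # Assumption: a [Name] section header starts each connection entry
            $entry = $Matches[1]
        }
        elseif ($entry -and $line -match '^IpDnsFlags=(\d+)\s*$') {
            [pscustomobject]@{
                PhoneBook   = $Source
                Entry       = $entry
                IpDnsFlags  = [int]$Matches[1]
                # True when the value is 0, i.e. the entry the script above would change
                NeedsChange = ([int]$Matches[1] -eq 0)
            }
        }
    }
}

# Constructed sample phone book text (entry names are invented)
$sample = @'
[Corp VPN]
IpDnsFlags=0

[Lab VPN]
IpDnsFlags=1
'@ -split '\r?\n'
Get-PbkDnsFlags -Lines $sample -Source 'constructed sample' | Format-Table -AutoSize

# Same locations the script above touches: machine-wide, per-user and per-user hidden
$paths = @('C:\ProgramData\Microsoft\Network\Connections\Pbk\rasphone.pbk')
$paths += Get-ChildItem C:\Users -Directory -ErrorAction SilentlyContinue | ForEach-Object {
    "$($_.FullName)\AppData\Roaming\Microsoft\Network\Connections\Pbk\rasphone.pbk"
    "$($_.FullName)\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk"
}
$paths | Where-Object { Test-Path $_ } | ForEach-Object {
    Get-PbkDnsFlags -Lines (Get-Content $_) -Source $_
} | Format-Table -AutoSize
```

Run it from an elevated prompt so other users' profile folders are readable; entries with NeedsChange set to True are the ones the replace will modify.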

Thanks for reading this and I hope it solves your problem too.

When I upgraded my MacBook to Mavericks, I started having problems with my VPN. The Network Connect client started failing to launch or install. I went online and started searching for a solution. I found the solution to allow Network Connect to launch or install. I was able to connect to my VPN, but then I faced another issue. After a few minutes Network Connect seemed to stop routing traffic on the VPN tunnel. I searched online and found out there are people having this issue, but found no solution to it. I started researching the cause and finally was able to create a solution myself that I would like to share with you all.

So, actually there are two issues with Network Connect and Mavericks.

Issue No. 1:

Network Connect fails to launch or install.

Solution:

This solution is available on forums etc. What you need to do is go to the Safari menu, then Security / Manage Website Settings, then go down to the Java plugin. Select the URL of your VPN and set it to run in Unsafe mode / Always allow.

Issue No. 2:

Network Connect stops forwarding traffic to the VPN Tunnel after a few minutes.

Solution:

What I found out was that OS X was losing the ARP entry for the gateway after a few minutes and therefore stopped forwarding any traffic. I went ahead and wrote a small script myself. What this script does is save the current ARP entry for the gateway in a variable and then refresh the ARP table with this entry every second. So even if OS X loses the ARP entry for the gateway, this script puts it back and the traffic keeps on flowing. I have tested this script on a few MacBooks and it works fine. Juniper says they will be releasing a new version of Network Connect that will fix this issue; until then this script is a good workaround.

Before starting up your VPN connection, do the following:

  • Open a Terminal window
  • Type “sudo su -”, then enter your user password when you see the password prompt
  • Run “./arprefresh.sh”
  • Leave the Terminal window open and start your VPN
  • DO NOT CLOSE THE TERMINAL WINDOW; leave it running while you work on the VPN

If this script works for you and solves your issue, please leave a comment.

Download the script below