VPN Connected Machines are registering incorrect IP address in our DNS
Using F5 APM 12.1.2 Build 0.93.249 Engineering Hotfix
We have selected to register machines in DNS when connecting through the VPN. We do this since we have many employees using laptops issued by us and our support staff needs to be able to do remote support on any VPN connected machines. We only allow VPN access to our machines – privately owned machines are not allowed to use the VPN.
We have noticed recently that when these machines connect via VPN and register their addresses in DNS, they are registering the IP address of the local Ethernet adapter – not the address assigned to the virtual VPN adapter.
Here’s a quick list of what happens:
- The employees logs in through the VPN and receives one of the addresses from our iP pool (routable addresses on our subnet).
- The machine registers in DNS with the correct address from the IP Pool.
- After about 5 or 10 minutes the DNS record is updated to reflect the address of its local Ethernet connection – not the address assigned to the virtual adapter.
- This local address is usually a private address (192.168.x.x) and is of course un-reachable from our network.
The following options are selected:
- Register this connection's addresses in DNS
- Use this connection's DNS suffix in DNS registration
- Enforce DNS search order
The following options are NOT selected:
- Allow local subnet
- Allow local DNS servers
- Prohibit routing table changes during Network Access connection.
There is no negative impact to the connected user. They can still access the resources they need.
Any ideas as to what is causing the registered address to change from the pool address issued to the virtual adapter to the local address issued to the Ethernet connection?