I'm not having a problem per se, but I'm trying to find out why something I use to troubleshoot connectivity problems works.

I deal with laptops that connect to a VPN using a software called Cisco AnyConnect VPN Client. In order to connect to these servers, the person connecting first needs to connect to the Internet and then connect to the VPN.

Quite often, a problem occurs with the connection where, when they connect to the Internet, websites load extremely slowly and the servers aren't found to connect to when the VPN software is opened.

It's not just any website that loads slowly, it's every website, and it behaves as if there's a proxy set (there isn't in IE options). It loads slowly but eventually loads. My assumption is the same thing that's affecting the IE browser is also affecting the server IP addresses and somehow is being translated incorrectly.

To fix it, I disconnect them from the Internet and from the command prompt have them type in `ipconfig /flushdns`, then turn the modem and router back on.

What I'm confused about is why this works. Generally, rebooting the laptop has the same effect as doing an `ipconfig /flushdns`, or so I was told, but this doesn't seem to be the case. Simply rebooting the machine doesn't resolve the issue. That command must be done or it doesn't work.

If I type in `ipconfig /displaydns` after a reboot, there's still information there. So does rebooting the machine not remove the DNS cache?

Does anyone have any insight into why this works or where I could look to get some more information?

All 2 Replies

The command `IPCONFIG /flushdns` only clears the cache. Yes, rebooting the computer will clear the cache. However, during the initialization of Windows and the login process, it is not uncommon to find entries in the cache when you check. This is because Windows is already connecting to different services behind the scenes and uses DNS to resolve resource names. Depending on what you find in the cache, you may have to do additional research as to why there are entries in there. One place to look is the HOSTS file. Entries in the HOSTS file will automatically be cached without any additional steps.

You can also run some packet captures when browsing is slow. There may be a bad flow of DNS resolution. In other words, you may be configuring the clients to use a set of DNS servers, which in turn query other DNS servers, and so on and so on. Take a look at the DNS client config and see if the flow makes sense, or you may need to change the DNS client config if you are creating unnecessary hops or a DNS "loop".
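The first reply's point about HOSTS entries showing up in the cache can be checked directly. This is an added example, not part of the thread: it compares `ipconfig /displaydns` output with HOSTS file content and labels each cached address record. The function names and the constructed, abridged sample data are assumptions, and it expects English-language `ipconfig` output.

```python
# Constructed, abridged sample of `ipconfig /displaydns` output after a reboot.
SAMPLE_DISPLAYDNS = """\
    vpn-gw.corp.example
    ----------------------------------------
    Record Name . . . . . : vpn-gw.corp.example
    Record Type . . . . . : 1
    Time To Live  . . . . : 86400
    A (Host) Record . . . : 10.20.30.40

    update.vendor.example
    ----------------------------------------
    Record Name . . . . . : update.vendor.example
    Record Type . . . . . : 1
    Time To Live  . . . . : 212
    A (Host) Record . . . : 203.0.113.7
"""
# Constructed HOSTS file content (placeholder names and addresses).
SAMPLE_HOSTS = """\
127.0.0.1       localhost
10.20.30.40     vpn-gw.corp.example   # static entry left on the laptop
"""

def parse_hosts(text):
    """Return {lowercase name: ip} for every mapping in HOSTS-format text."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split on whitespace
        for name in fields[1:]:                  # a line may list several names per IP
            table[name.lower()] = fields[0]
    return table

def parse_displaydns(text):
    """Return [(name, ip)] for the A/AAAA records in `ipconfig /displaydns` output."""
    records, name = [], None
    for line in text.splitlines():
        key, _, value = line.partition(" : ")
        key, value = key.strip(" ."), value.strip()
        if key == "Record Name":
            name = value.lower()
        elif key in ("A (Host) Record", "AAAA Record") and name:
            records.append((name, value))
    return records

def classify(displaydns_text, hosts_text):
    """Label a cached record 'hosts' if HOSTS maps that name to that IP, else 'resolver'."""
    hosts = parse_hosts(hosts_text)
    return {name: "hosts" if hosts.get(name) == ip else "resolver"
            for name, ip in parse_displaydns(displaydns_text)}
```

Records labelled `resolver` were looked up over the network since boot; records labelled `hosts` are explained by the static file and are the ones to review if the address they pin is no longer correct.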

Well, on the DNS, I believe you have to use the DNS at the home office once VPN'd in because you need remote desktop services or something and only the internal DNS server can resolve them. What I would look at is the client software settings in Cisco AnyConnect and see if there is a setting for Internet access. In short, if you connect to the VPN, am I getting DNS and Internet through the VPN tunnel? If so, that will be much slower than going out the user's Internet connection. I see this happen a lot with Windows VPN setups. Users should only use corporate DNS and only tunnel through to services needed on the VPN network like Email, Files or Remote Desktop access. All other services like surfing the web should still use corporate DNS but upload and download via their Internet connection and own default gateway, not through the corp VPN.
