Hello Dan,
Hope you have a lovely day!
It sounds like you're dealing with a challenging issue where a sudden failure in DNS resolution is preventing remote connections to a VPN server. Here are several troubleshooting steps you might consider to diagnose and potentially resolve the issue:
1. Verify DNS Settings:
- Ensure that the DNS settings on the VPN server are correct and that it can reach its configured DNS servers. You can test this by trying to resolve external domain names from the server itself.
- Check if the DNS records for the VPN server, particularly those that are used for remote access, are correctly configured and propagated. This includes verifying A or CNAME records associated with the VPN server’s hostname.
2. Check External Accessibility:
- Since you mentioned the server is accessible locally but not externally, ensure that nothing has changed with your NAT (Network Address Translation) settings on your firewall or router. Double-check that the public IP is correctly forwarding traffic to the internal IP of the VPN server.
- Test connectivity from outside your network (e.g., using a mobile hotspot) to confirm whether the issue is isolated to internal network configurations or DNS resolution problems.
3. Firewall and Security Settings:
- Even though no changes were reported, it’s worth reviewing the firewall rules and any security appliances that might be blocking or filtering DNS traffic or VPN traffic. Ensure that the necessary ports are open and pointed to the correct internal IP address.
4. DNS Flush and Register:
- On the VPN server, you can attempt to flush the DNS resolver cache (ipconfig /flushdns) and then register the DNS records again (ipconfig /registerdns). This can sometimes resolve issues where stale DNS records are causing resolution problems.
5. Event Logs and Error Messages:
- Check the Windows Event Viewer for any network-related errors or warnings that could provide more insight into what might be failing. Look specifically under the System and Application logs.
6. VPN Server Configuration Check:
- Revisit the VPN configuration settings on Windows Server 2019 to ensure that everything is set up as expected. Sometimes, configuration files can become corrupted or settings inadvertently changed.
7. Network Monitoring Tools:
- Use network monitoring tools to capture packets on the VPN server. Tools like Wireshark can help you determine if the DNS queries are leaving the server and if responses are being received.
8. Consult ISP:
- There might be an issue with the ISP related to DNS or other routing issues which can impact connectivity. It’s a good idea to check with them if there are any known issues or maintenance activities that might be affecting service.
9. Rebuild the DNS or Domain Controller:
- Given that this is a relatively new setup and the previous MSP configuration was not ideal, there might be underlying issues with DNS services on the domain controller. Consider setting up a secondary DNS server or rebuilding the DNS configuration to ensure it’s set up correctly and robustly.
Best regards
Rosy
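
The DNS and reachability checks from steps 1, 2 and 4 of the reply above, as an added PowerShell example that is not part of the original post. The hostname, public IP, external resolver and TCP port are placeholder assumptions to replace with your own values.

```powershell
# Added example. All four values are assumptions, not taken from the thread.
$VpnName    = 'vpn.example.com'   # hypothetical hostname remote clients connect to
$ExpectedIp = '203.0.113.10'      # hypothetical public IP that NAT forwards to the VPN server
$PublicDns  = '1.1.1.1'           # an external resolver to compare against internal DNS
$TcpPort    = 443                 # assumes SSTP; IKEv2/L2TP use UDP, which this test cannot probe

function Get-ARecord {
    param([string]$Name, [string]$Server)
    try {
        # -DnsOnly bypasses the hosts file, LLMNR and NetBIOS so only DNS answers count
        $answer = Resolve-DnsName -Name $Name -Type A -Server $Server -DnsOnly -ErrorAction Stop
        # A CNAME chain returns mixed record types; keep only the A records
        @($answer | Where-Object { $_.Type -eq 'A' } | ForEach-Object { $_.IPAddress })
    } catch {
        Write-Warning "Lookup of $Name via $Server failed: $($_.Exception.Message)"
        @()
    }
}

# Step 1: the resolvers this server is actually configured to use
$resolvers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty ServerAddresses | Select-Object -Unique

# Ask every configured resolver plus the external one for the same name.
# An empty answer from the external resolver means the public record is missing
# or not propagated. An internal resolver may legitimately return an internal
# address (split DNS), so a mismatch there is a lead, not proof of a fault.
$results = foreach ($r in @($resolvers) + $PublicDns) {
    $ips = Get-ARecord -Name $VpnName -Server $r
    [pscustomobject]@{
        Resolver     = $r
        Answer       = $ips -join ','
        IsExpectedIp = $ips -contains $ExpectedIp
    }
}
$results | Format-Table -AutoSize

# Step 2: TCP reachability of the forwarded port. Run this part from outside the
# network (for example a laptop on a mobile hotspot); from inside, the result
# depends on whether the firewall supports NAT loopback.
$probe = Test-NetConnection -ComputerName $ExpectedIp -Port $TcpPort -WarningAction SilentlyContinue
"TCP $TcpPort to ${ExpectedIp} reachable: $($probe.TcpTestSucceeded)"

# Step 4 equivalents of ipconfig /flushdns and ipconfig /registerdns.
# Uncomment to run; both change state on the server.
# Clear-DnsClientCache
# Register-DnsClient
```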