USG site-to-site VPN DNS issues


#1

Has anyone here set up site-to-site VPN with 5-6 sites using the USG and experienced DNS issues?
We recently took over a customer, have been fixing issue after issue, and finally got around to replacing the SonicWall firewalls, which had their licenses expired, with some USGs.
Initially all seemed well, but we then started getting calls about employees not being able to access shared drives from some of the remote locations.
Ping tests worked on IP address but not host name; then suddenly, about 5-10 minutes later, we can ping and they can access the drive just fine.

All sites' networks have the primary DNS set to the Windows server DNS IP, with the USG IP set as the secondary DNS.
The site-to-site VPNs were set up on the USG where the Windows server is located.
Network is a 10.30.xx.xx
Can’t think at the moment what other info anyone might need, but any help is appreciated.


#2

Two things: verify that connectivity is not dropping over the VPN, and then try taking out the DNS entries for the USG. I am guessing that the computers are favoring the faster DNS of the USG and not trying the Windows Domain DNS.


#3

Forgot to come back and reply, but after a few weeks, yes, it looks like the clients were favoring the USG’s DNS. Once that was removed, everything seems to be working fine.

Thanks for the help.
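
One way to confirm the cause found in this thread from an affected client, as an added example that is not part of the original posts: ask every DNS server configured on the machine for the same internal name and compare the answers. The host name `fileserver.corp.example` is a hypothetical placeholder; substitute a real name from the Windows domain DNS zone.

```powershell
# Added example: compare how each configured DNS server answers for one internal name.
# Assumption: $Name is a placeholder, replace it with a host that exists in the AD DNS zone.
$Name = 'fileserver.corp.example'

# Every IPv4 DNS server configured on this client's adapters (primary and secondary).
$servers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    Select-Object -ExpandProperty ServerAddresses -Unique

$results = foreach ($server in $servers) {
    try {
        # -DnsOnly skips LLMNR/NetBIOS so only the named server's answer is tested.
        $answer = Resolve-DnsName -Name $Name -Server $server -Type A -DnsOnly -ErrorAction Stop
        $ips = (($answer | Where-Object { $_.IPAddress }).IPAddress | Sort-Object) -join ','
        [pscustomobject]@{ Server = $server; Status = 'Resolved'; Answer = $ips }
    }
    catch {
        # NXDOMAIN, timeout, or refusal: this server cannot serve the internal zone.
        [pscustomobject]@{ Server = $server; Status = 'Failed'; Answer = $_.Exception.Message }
    }
}

$results | Format-Table -AutoSize

# All configured servers should give the same answer. If they do not, a client
# that switches to the odd one out will intermittently fail to resolve internal names.
$distinct = @($results | Group-Object Status, Answer)
if ($distinct.Count -gt 1) {
    Write-Warning "Configured DNS servers disagree about $Name; remove the ones that cannot resolve internal names."
}
```

If the gateway's address shows up as `Failed` while the Windows DNS server shows `Resolved`, the client has a resolver configured that cannot serve the internal zone, which matches the fix reported above.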