Nov
22
2011
Networking

Connection via Cisco VPN Client stops local DNS resolution

An article by Shawn No Comments
Reprint from here...
If you use the Cisco VPN Client with Windows XP, you may have noticed that all of your DNS requests go via the VPN, rather than the local network. You can test which DNS server you are using through the use of the NSLOOKUP command. The Cisco VPN Client creates a disabled Local Area Connection, to which it assigns null values until connected. When you connect using the client this connection profile becomes enabled and is set with the appropriate DNS, WINS, gateway and IP address from the other end of the VPN, usually by a DHCP server. By default when you install the client the priority of the Cisco VPN connection is higher than the default local connection assigned to your ethernet NIC or wireless card and it is this that causes two major problems for users:
  1. You cannot connect to local named servers, but you can access them by IP. The only common workaround suggested for this (see Google Groups) is to manually add them to your HOSTS file. This is not a solution that you could widely roll out to a network of users, and is a dirty hack.
  2. Your DNS resolution is SLOW. This is because your request has to go to the DNS server at the other end of the VPN, before being returned to you locally, whereby it sends you out over your local LAN to the internet as normal via your broadband router.
To test which DNS server you are using by default when connected normally, first disconnect from the VPN client and pop open a command window:
  • Start -> Run -> type "cmd"
  • type "nslookup".
You'll see something along the lines of:
C:\Documents and Settings\Administrator>nslookup
Default Server: 192.168.0.1
Address: 192.168.0.1

>
Type "exit" and then open up your Cisco VPN Client, connect via VPN, and repeat the NSLOOKUP command. You'll see the change to your default DNS server:
C:\Documents and Settings\Administrator>nslookup
Default Server: core.office.junto.co.uk
Address: 172.30.2.1

>
Now all DNS requests will go through the VPN, and not your local router. Slow and pointless (security caveats aside). Why does the Cisco VPN Client change this, and can we alter it at the client level? We don't really want to bother our over worked Cisco technician back in the office, and often he's an expensive contract resource anyway.

Most importantly why does the Cisco VPN Client connection always seem to have a higher priority than the standard local ethernet connection or wireless connection under Windows XP? My initial thought was that Cisco designed it to be this way, and there was no way to change it, but now I believe that the simple answer is one of installation order. Hence, as the connections are installed, the last one to be installed seems to be given the highest priority. Someone more knowledgeable with XP networking might be able to clarify this.
Whether or not this is true or not, the fix is to change the priority of the connections. A bit of digging around gives you some advanced settings to network connections:
  • Start -> Control Panel -> Network Connections
  • Then under the menu option Advanced -> Advanced Settings
  • Change the priority of your default local connection, to be above that of the Cisco VPN Client. The Cisco VPN Client often installs for most people as "Local Area Connection 2".
Now try the NSLOOKUP command again. You'll see something along the lines of:
C:\Documents and Settings\Administrator>nslookup
Default Server: 192.168.0.1
Address: 192.168.0.1

>
You're back to using your local DNS server, but still connected to the VPN. Problem solved. Nice! You should now be able to see your local servers inside your LAN by name, plus general browsing should be faster.
Some caveats:
  1. There may be security considerations to allowing DNS requests via the local LAN rather than the VPN. DNS works so that it rolls down the list of DNS servers, so the local LAN will ask the world for an internal DNS name first. That could give information away in terms of your local private LAN set up.
  2. I'm using an up-to-date-patched version of Windows XP Professional SP2
  3. I'm using the Cisco Client 4.0.4. Newer versions have given me grief.
  4. In the properties of the VPN profile in question (Cisco VPN Client -> Connection Entry -> Modify) the Transport tab has the option "Allow Locale LAN Access" checked.
  5. This may also be a solution for other VPN clients, but I haven't tried it.
, ,
Nov
9
2011
Scripting // Utilities // Windows // Windows 7

Sudo for Windows

An article by Shawn No Comments

With the existance of UAC in the windows world, I find my self looking for easier ways to run a command as administrator (usually via command line) without needing to turn off UAC.

Here are some useful links that helped me solve this very issue

Elevation Power Toys

http://technet.microsoft.com/en-us/magazine/2008.06.elevation.aspx  (note, you also need to sysinternals suite installed in "%ProgramFiles%\Sysinternal Suite"

Elevate Utility

http://code.kliu.org/misc/elevate/

Sudo for windows

http://sourceforge.net/projects/sudowin/

, , , ,
Jul
18
2011
Development // Utilities

Xml Formatting

An article by Shawn No Comments

Looking for a way to format XML?

http://www.bytechaser.com/en/resources/tp9h7nivzr/free-online-xml-formatting-tool.aspx

-- some others 

http://stackoverflow.com/questions/521265/any-online-xml-formatter-or-formatter-in-free-text-editor

http://www.shell-tools.net/index.php?op=xml_format

http://aaronkarp.com/prettyXML/

,
Jul
5
2011
Utilities // Windows 7

Put any application in the system tray

An article by Shawn No Comments

http://www.blogtechnika.com/how-to-send-any-application-to-system-tray-in-windows-7

,
May
23
2011
Development // Utilities

StickOut: A Desktop Sticky Notes Application in the .NET Framework 2.0

An article by Shawn No Comments

Summary: StickOut is a desktop sticky note with multi-user support and Outlook integration. As a .NET Framework 2.0 Windows Forms application, it uses .NET Remoting to communicate with other StickOut users and exchange sticky notes with them. (85 pages)

Download the associated StickOut.msi code sample.

Original Article: http://msdn.microsoft.com/en-us/library/aa480731.aspx

, , , ,
May
9
2011
Windows // Windows 7 // Utilities

A couple of useful free tools

An article by Shawn No Comments

FreeCommanderis an easy-to-use alternative to the standard windows file manager. The program helps you with daily work in Windows. Here you can find all the necessary functions to manage your data stock. You can take FreeCommander anywhere - just copy the installation directory on a CD or USB-Stick - and you can even work with this program on a foreign computer.

FuturixImager is a compact and customizable image viewer. It is capable of opening more then 40 file types, including all most popular ones (GIF, JPEG, PNG, TIFF, JPEG2000, raw, DNG).

Texter saves you countless keystrokes by replacing abbreviations with commonly used phrases you define. Unlike software-specific text replacement features, Texter runs in the Windows system tray and works in any application you're typing in. Texter can also set return-to markers for your cursor and insert clipboard contents into your replacement text, in addition to more advanced keyboard macros.

Stickies is a PC utility was written to try to cut down on the number of yellow notes I was leaving stuck to my monitor. It is a computerised version of those notes. The design goal behind Stickies is that the program is small and simple. Stickies will not mess with your system files, or write to the registry. Stickies stores information in a single text-based ini file. 

ShellRunAs is a command-line tool call Runas that is handy for launching programs under different accounts, but it’s not convenient if you’re a heavy Explorer user. ShellRunas provides functionality similar to that of Runas to launch programs as a different user via a convenient shell context-menu entry. Read more..

Command Prompt Here tool

, , ,
Oct
5
2010
Windows // Windows 7

Backup Tools

An article by Shawn No Comments

Acronis True Image (http://www.acronis.com)

DriveImage XML (http://www.runtime.org/driveimage-xml.htm)

,
Nov
30
2009
Development

A useful tool set for working with DBF files

An article by Shawn No Comments

CDBF from WhiteTown

cdbfwgui.zip (2.29 mb)

DBFViewer from cooolutils

DBFViewer.exe (1.62 mb)

And a nice shell extension for getting quick information about a DBF file

cdbfinfo.zip (341.77 kb)

Feb
8
2009
Scripting

How to replace notepad.exe on Windows Server 2008

An article by Shawn 1 Comment

Have you been looking for a way to replace all instances of notepad.exe on Windows Server 2008? If so, here is a quick and dirty batch file to help you out.

Note: I ran a "dir /s /b notepad.exe > replace_notepad.cmd" to get a list of copies of notepad.exe on the c drive, then edited the new file with what is below

@echo off 
echo Create Backup copies of the original notepad.exe 
copy C:\Windows\notepad.exe C:\Windows\notepad32.exe 
copy C:\Windows\System32\notepad.exe C:\Windows\System32\notepad32.exe
copy C:\Windows\SysWOW64\notepad.exe C:\Windows\SysWOW64\notepad32.exe

echo Take Ownership of the files rem This could be changed to use icacls now 
takeown /F C:\Windows\notepad.exe /A 
takeown /F C:\Windows\System32\notepad.exe /A 
takeown /F C:\Windows\SysWOW64\notepad.exe /A
takeown /F C:\Windows\winsxs\x86_microsoft-windows-notepadwin_31bf3856ad364e35_6.0.6001.18000_none_42c9ccdefb0d0dc9\notepad.exe /A 
takeown /F C:\Windows\winsxs\x86_microsoft-windows-notepad_31bf3856ad364e35_6.0.6001.18000_none_6f1a8d7b6fffbb73\notepad.exe /A 

takeown /F C:\Windows\winsxs\amd64_microsoft-windows-notepadwin_31bf3856ad364e35_6.1.7600.16385_none_9ebebe8614be1470\notepad.exe /A
takeown /F C:\Windows\winsxs\amd64_microsoft-windows-notepad_31bf3856ad364e35_6.1.7600.16385_none_cb0f7f2289b0c21a\notepad.exe /A
takeown /F C:\Windows\winsxs\wow64_microsoft-windows-notepad_31bf3856ad364e35_6.1.7600.16385_none_d5642974be118415\notepad.exe /A

echo Assign full rights to the administrators group 
icacls c:\windows\notepad.exe /grant Administrators:F 
icacls C:\Windows\System32\notepad.exe /grant Administrators:F
icacls C:\Windows\SysWOW64\notepad.exe /grant Administrators:F
icacls C:\Windows\winsxs\x86_microsoft-windows-notepadwin_31bf3856ad364e35_6.0.6001.18000_none_42c9ccdefb0d0dc9\notepad.exe /grant Administrators:F 
icacls C:\Windows\winsxs\x86_microsoft-windows-notepad_31bf3856ad364e35_6.0.6001.18000_none_6f1a8d7b6fffbb73\notepad.exe /grant Administrators:F 

icacls C:\Windows\winsxs\amd64_microsoft-windows-notepadwin_31bf3856ad364e35_6.1.7600.16385_none_9ebebe8614be1470\notepad.exe /grant Administrators:F 
icacls C:\Windows\winsxs\amd64_microsoft-windows-notepad_31bf3856ad364e35_6.1.7600.16385_none_cb0f7f2289b0c21a\notepad.exe /grant Administrators:F 
icacls C:\Windows\winsxs\wow64_microsoft-windows-notepad_31bf3856ad364e35_6.1.7600.16385_none_d5642974be118415\notepad.exe /grant Administrators:F 

echo Copy new notepad.exeover the original versions 
copy /y C:\notepad.exe C:\Windows\notepad.exe 
copy /y C:\notepad.exe C:\Windows\System32\notepad.exe 
copy /y C:\notepad.exe C:\Windows\SysWOW64\notepad.exe
copy /y C:\notepad.exe C:\Windows\winsxs\x86_microsoft-windows-notepadwin_31bf3856ad364e35_6.0.6001.18000_none_42c9ccdefb0d0dc9\notepad.exe
copy /y C:\notepad.exe C:\Windows\winsxs\x86_microsoft-windows-notepad_31bf3856ad364e35_6.0.6001.18000_none_6f1a8d7b6fffbb73\notepad.exe

copy /y C:\notepad.exe C:\Windows\winsxs\amd64_microsoft-windows-notepadwin_31bf3856ad364e35_6.1.7600.16385_none_9ebebe8614be1470\notepad.exe
copy /y C:\notepad.exe C:\Windows\winsxs\amd64_microsoft-windows-notepad_31bf3856ad364e35_6.1.7600.16385_none_cb0f7f2289b0c21a\notepad.exe
copy /y C:\notepad.exe C:\Windows\winsxs\wow64_microsoft-windows-notepad_31bf3856ad364e35_6.1.7600.16385_none_d5642974be118415\notepad.exe

notepad.exe (17.50 kb)

replace_notepad.cmd (3.64 kb)

,