Solved? - Cisco VPN & Windows DNS issues - Can't ping FQ

I may have figured this one out. See my post below
============================================
Hi all. We have a wierd problem at work that our vpn/router configuration people (read outsourced) can't seem to figure out. They keep saying it's a DNS issue which I am likely to believe, but I cannot seem to rule out either DNS or the VPN Concentrator.

Our remote users connect to our Cisco VPN 3000 Concentrator with the Cisco VPN Client, authenticate (Windows 2003 Active Directory) and are ready to go. No auth problems. The problem is when they open up Outlook 2000-2003 it will hang for almost 5 minutes while it tries to find emailserver.fqdn. When I tried this at home on high speed and on a dialup connection I could ping the server by name (like WINS: servername), but it will always time out when I ping by FQDN (emailserver.fqdn). It looks like a DNS issue, but here's the catch...

We have several consultants for a project that are NOT domain users (laptops not joined to the domain) and they can ping all day long by name or FQDN. We have double/triple checked the Group settings, auth, dns, wins, everything looks good.

Any help or ideas would be great. Oh and I have fallen into a network/server administrator position when our admin decided to take another job and they divided up the duties I have some concepts down about VPN/DNS, but no real fundamentals. I will be reading the docs on DNS here at this site.

Thanks for any help
Will

Welcome to firewall.cx, Will. Definitely sounds like a DNS issue. Just one question to hopefully shed some more light on the problem. How do the consultants you mentioned connect to your network? Do they also connect through the VPN or do they plug in on-site?

Welcome to firewall.cx, Will. Definitely sounds like a DNS issue. Just one question to hopefully shed some more light on the problem. How do the consultants you mentioned connect to your network? Do they also connect through the VPN or do they plug in on-site?

When the consultants are on site they just plug into our network, no VPN used.

When they are working out of hotel rooms, regular or home offices, etc. they connect to the Internet, then use the Cisco VPN Client to connect to the concentrator. And they work just fine. As does my computer at home (which is not a member of our domain).

It's just wierd.

Any ideas on what to check in DNS? We have checked "everything" and can't seem to find the issue.

Thanks,
Will

Have you looked through your Group policies?

Ok so last night (2-3 hours of trying things) I noticed that the DNS Suffix was being added in ALL CAPS, which isn't normal for our domain. So I started checking the DNS Suffix section. The Append these DNS suffixes (in order) radio button was selected. So I selected the one above it Append primary and connection specific DNS suffixes and it all worked.

Now I get to work with out network/vpn management people to get this changed on our concentrator. If this really fixes it then I will change the subject to SOLVED, etc.

BTW, the comments here and in an email from the network/vpn management people helped me figure this out. I'll let you all know how it turns out.

Thanks,
Will

That's interesting, Will. Where exactly did you change these settings?