A client of mine mentioned he wasn’t able to access his mapped drives over the VPN. I remotely connected to his PC and noticed if I pinged hostname.domain.local it resolves to 208.68.139.38. I confirmed he was connected to the VPN and I could ping the IP of the PC directly. I did a quick lookup of that IP address and it turns out its owned by Comcast. Comcast’s DNS Helper service was to blame. They were resolving all failed hostnames to their IP address rather then letting it fail and allowing his companies DNS server to resolve it correctly.
To fix this you have 2 options:
- Opt-Out of Comcast’s DNS Helper service
- Switch to a public DNS service like OpenDNS or Google’s DNS servers
Right now Comcast has this enabled by default for all customers with dynamically assigned IP addresses. Business customers are not affected.
Below is an article on the topic that is a great read.
http://www.semicomplete.com/blog/geekery/comcast-dns-hijack-breaks-things.html