The problem is that the VPN client is trying to resolve internal network names using a public DNS server.This can happen when the VPN client is not assigned an internal network DNS server address, or assigned no DNS server address at all by the VPN server.It is possible that when the VPN client is not configured to use the default gateway on the remote network that name resolution will fail for internal network resources.
For example, you may host a public DNS server named The server is accessible from the Internet by connecting to its public IP address.The solution is to confirm that a correct DNS server address is assigned to the VPN clients.VPN clients may be assigned a valid DNS server address, but the DNS server is not correctly configured to resolve Internet host names.DNS issues comprise a major portion of connectivity problems related to ISA Server 2000 firewalls and VPN servers.
ISA Server firewall/VPN servers and clients use DNS host name resolution to resolve both internal and external network names.
Internal network clients can also connect to the same server by using the same name,
When a VPN client tries to connect to it is unable to connect to the server by that name on the internal network, or it connects to the public server by the same name.
If hosts on the opposite side of the VPN gateway to gateway link belong to a different domain, then you will need to configure the internal network clients to use a DNS server that can resolve names for all internal network domains.
You can use stub zones or zone delegation to accomplish this task depending on the specifics of your internal network environment.
The solution to this problem is to configure the ISA Server firewall/VPN server to use a DNS server that can resolve Internet host names.