I have a problem with getting 3G fail-over to my ADSL line fully working. Here is my setup:

Small Business Server 2011 (running DNS & DHCP services) and Windows 7 Laptop (gets its IP from DHCP on SBS 2011) connected to Vigor2920 (F/W 3.3.7) via switch. Vigor2920 has Vigor120 v1 (F/W 3.2.4.4) connected on WAN1 and Huawei E173 3G dongle on WAN3 (configured as backup to WAN1). Vigor120 connects to PlusNet, 3G Dongle connects to Orange. DHCP is disabled on the Vigor2920.

Everything works beautifully when the ADSL line is active and, when the ADSL line drops, the 3G Dongle comes up and connects to Orange. However there is no DNS through the 3G connection. The only way I can get a connection to the Internet from the laptop when the 3G is active (rather than the ADSL) is to manually change the DNS server address in the laptop's network settings to the internal address of the Vigor2920. I've tried adding the internal address of the 2920 as a forwarder in the DNS settings on the server but with no effect. Does anyone have any idea where the problem might lie?

Many thanks
Jerry Cope

What are the DNS forwarders in use on Server 2011 ?

Take those values, then run some pings diagnostics from the Vigor to see if the DNS servers are reachable down both WAN 1 and WAN 3.

Also, see if, for example google public dns 8.8.8.8 and 8.8.4.4 are reachable on WAN1 and WAN3, if they are you could try updating the LAN to force dns servers 8.8.8.8 / 8.8.4.4 and then update Server DNS forwarders to be the same 8.8.8.8 and 8.8.4.4

Note! if you have long lease times in DHCP it may take a while before DHCP clients "feel the benefit" of your revised configurations - I think.

Regards, Neal

Thanks for the suggestion but I've already carried out that test.

The DNS forwarders are those at OpenDNS (208.67.222.222 and 208.67.220.220), they can be pinged directly from the router, just as 212.58.241.131 (bbc.co.uk) and 212.159.8.2 (www.plus.net) can be. As WAN1, my ADSL line, is down again now I can't check through that (although, when it's up, everything works perfectly) but they are just as ‘pingable’ through WAN3. If I manually configure my laptop to look to the router as its DNS server I can resolve all addresses and have full access to the Internet (but no access to my server) but I can't do this on the server as SBS requires a 'proper' DNS server. From the server I can ping the router and from the router I can ping the server, but the server cannot ping anything outside its own subnet so it looks to me like its a routing issue within the Vigor2920 when WAN3 (3G) is active.

The only thing that changes between my systems having full access to the Internet and them not is when the ADSL line drops (whether deliberately or not) and the 3G connection (WAN3) takes over. The 3G dongle connects to Orange and receives an IP address and the router can see (via ping and trace route) the outside world, but no other internal system can - not a very useful 'fail-over' feature, is it?

Hello Jerry,
sounds like you've made a good start troubleshooting this one. You must be getting close...
the next thing I'd check is... disconnecting your laptop from the network (both wired and wireless).
Connect the Orange 3G USB stick to your laptop, and connect to the internet using 3G. Run the same ping checks to the Open DNS servers. How do you get on?

i.e. does Orange 3G allow you to use the OpenDNS servers/service ?

After a bit of a delay due to pressure of work I can now through some more light on this.

1. Taking the laptop off the network and accessing the Internet via the 3G dongle works perfectly.
2. The problem only occurs with the Virtual Machines hosted on my Hyper-V server (running full Windows 2008R2).

Unfortunately my DNS server is one of these VMs -which rather exacerbates the problem.

The two physical machines can ping Internet addresses via both WAN1 (ADSL) and WAN3 (3G) but VMs can only ping Internet addresses via WAN1. To prove that I've pinged the same four external IP addresses from the 3 VMs and 2 PMs with the 2920 connected to the Internet via WAN1 (ADSL) - with total success. I then disconnected the WAN1 connection which forced the 2920 to switch to using WAN3 (3G dongle) and pinged exactly the same external IP addresses from all the machines in the same order; the results were that the 3 VMs failed all 4 external IP pings and the 2 PMs failed on 1 of the 4 external IP pings.
The PMs are a laptop running Windows 7 Pro and a server running Windows 2008R2 (the Hyper-v host), the VMs are running Small Business Server 2011, Windows 2008R2 (a domain member) and Windows XP Pro (not a domain member). Neither the laptop nor the Hyper-V host are domain members.

I've completely re-done the Virtual Network settings in Hyper-V but this has not had any effect.

I'm completely stumped on this, does anyone have any ideas?

My setup is a bit simpler but also had DNS issues upon failover:
The Draytek DHCP server on LAN1 by default propagated the DNS servers that where given by the provider on WLAN1.
Upon failover the DNS didn't change on a windows 7 client so it couldn't use dns.
What i did to resolve this is have the Draytek push out its own ip as primary DNS and put 8.8.8.8 as secondary dns on LAN1.
Failover works flawless now but your problem seems a bit more complicated ;-)