Re: DNS question with VPN
- From: random.nick@xxxxxxxxx
- Date: 29 Aug 2005 10:44:12 -0700
Hi Walter,
Thank you very much for your reply.
> Are the two DNS servers on the same LAN, or is one perhaps on the outside?
The 2 DNS servers are on the same LAN "inside".
> :crypto isakmp client configuration group access
> : key Password_Here
> : dns 192.168.180.14
> : wins 192.168.180.14
>
> I notice you only specify one of the two DNS servers here?
Yes, that's the original VPN configuration, with the first DNS server,
I have not added the new, 2nd DNS server yet.
The first DNS server has not been modified, either.
> :Hosts listed below in the router config will respond with 67.x.x.x IP,
> :while hosts not listed here respond with 192.168.180.x IP address.
>
> :ip nat inside source static 192.168.180.106 67.x.x.8 extendable
>
> At a guess -- the other DNS server is "outside' and has been
> configured with the 67.x.x.* IPs. If so then you want to enable
> automatic DNS translation on the reply packets coming back from it.
> I do not know how you specify that under IOS; on the PIX, it would
> be a matter of adding a 'dns' keyword to the static command.
No, all the DNS servers are inside.
The host names exist only with LAN IP addresses (foo.domain.com =
192.168.180.x), they were never intended to be visible with a public IP
address.
Again, thank you for your kind reply.
Regards,
Art
.
- References:
- DNS question with VPN
- From: random . nick
- Re: DNS question with VPN
- From: Walter Roberson
- DNS question with VPN
- Prev by Date: Re: Anyone know what esp sequence fail means
- Next by Date: Re: PIX 501 PAT going to wrong host
- Previous by thread: Re: DNS question with VPN
- Next by thread: Re: DNS question with VPN
- Index(es):
Relevant Pages
|
|
