Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Cisco vpn client dns problems

Posted on 2006-06-23
8
Medium Priority
?
591 Views
Last Modified: 2008-01-09
We have recently setup vpn remote access to our company and everything, but one thing is working great.  When a user connects by the cisco vpn client they are not able to access the servers here on site by the dns name.  For example we have a server by the name of pylon_server.  A vpn remote user cannot connect to the server by using \\pylon_server, but instead must use the ip address of \\10.1.1.5.  This may be a simple problem to fix, but the COO just called wanting to access the server by name, so I need an answer quickly.
0
Comment
Question by:icarus2256
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 13

Expert Comment

by:prashsax
ID: 16971798
The quick solution would be to add entries in the host file on this computer.

Other wise, you need to check if you have allowed access to your internal DNS Server. This could be due to split tunnel VPN config.

What kind of VPN are you using.
0
 

Author Comment

by:icarus2256
ID: 16971814
The VPN termination point is a Cisco ASA 5510.  The remote users are using the Cisco VPN client.  I am not looking for a quick fix, but the correct fix.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16971831
What is the access-list for the VPN users.

Have you configured your internal DNS IP address for VPN clients as well.

Does your access-list allow UDP/53 from VPN clients.
0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 

Author Comment

by:icarus2256
ID: 16971851
We are using the permit-ipsec rule so the outside access-list doesn't filter VPN traffic.
0
 
LVL 9

Assisted Solution

by:NYtechGuy
NYtechGuy earned 800 total points
ID: 16971928

In the VPN config, you can specify what DNS servers your clients will be issued when they connect.  

/Justin
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16971944
permit-ipsec is used so that you do not have to allow ipsec traffic inside your firewall.

But once this traffic is decrypted, it is again evaulated against an access-list.

Since this traffic is originating from subnet different from your internal their must exist some acl for the VPN IP Pool.

look for access-list where source ip is from pool you have defined for vpn clients.

Also make sure you have specified a valid DNS server in the configuration.

e.g

vpngroup group_name dns-server x.x.x.x
0
 

Author Comment

by:icarus2256
ID: 16972007
Do you know where you specify the DNS servers when using the Cisco ASDM interface?  Sorry about the permit-ipsec comment, we do allow all ip traffic from remote vpn connections into the company.
0
 
LVL 13

Accepted Solution

by:
prashsax earned 800 total points
ID: 16972054
Configuration > VPN > General > Group Policy > Add/Edit > Internal Group Policy > General Tab

See this link.
http://www.cisco.com/en/US/products/ps6121/products_user_guide_chapter09186a00806a2fc9.html

0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question