Smart questions
Smart answers
Smart people
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Member Login
Remember Me
Forgot Password?
Join Us!

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips now!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
Join Tek-Tips
*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

LINK TO THIS FORUM!

Add Stickiness To Your Site By Linking To This Professionally Managed Technical Forum.
Just copy and paste the
code below into your site.

Tek-Tips LinkedIn® Group

Partner With Us!

"Best Of Breed" Forums Add Stickiness To Your Site
Partner Button
(Download This Button Today!)

Feedback

"...I also believe that we all can contribute to each other's growth by sharing knowlege and experiences. I would love to take my skills and help people around the world solve problems..."
More...

Geography

Where in the world do Tek-Tips members come from?
Click Here To Find Out!

Tek-Tips Shirts!

Get Tek-Tips Swag
Get your
Tek-Tips Forums
SWAG here!
Home > Forums > MIS/IT > Security Solutions > Cisco Systems: PIX Firewall Forum

Can't connect to internal PC's through VPN using DNS name only IP addr

thread35-1565784
Read More Threads Like This One
dalew430 (TechnicalUser)
23 Aug 09 18:26
I can connect through VPN tunnel and RDP to any internal machine by IP address, but not using DNS name.  I also lose local Internet access while connected to the VPN.  I set the VPN Client up using IPSEC over UDP and checked Allow Local LAN access.
unclerico (IS/IT--Management)
24 Aug 09 7:59
when you are connected in over vpn what do you have populated for your dns entries for your VPN adapter?? it sounds like you don't have split-tunneling enabled on the PIX side.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

dalew430 (TechnicalUser)
24 Aug 09 8:25
The VPN adapter is showing the DNS server. I checked the configuration file and I don't see an entry for split tunneling.  I'm hesitant to run the VPN wizard to add it since we have it working now. I'd like to be able to add split-tunneling through the CLI, but not sure what the command for that is.
unclerico (IS/IT--Management)
24 Aug 09 10:35
let me ask you this; when you try to ping is it by short name or fully-qualified??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

unclerico (IS/IT--Management)
24 Aug 09 10:50
add this line to provide DNS resolution:

CODE

vpngroup NMAC default-domain <your_domain_name>
to enable split-tunneling add this:

CODE

access-list split_tunnel_acl extended permit ip 10.252.1.96 255.255.255.224 10.251.0.0 255.255.0.0

vpngroup NMAC split-tunnel split_tunnel_acl
 

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

dalew430 (TechnicalUser)
24 Aug 09 20:12
I added the above to my configuration and the VPN stopped working. Once I deleted those entries I was able to connect through VPN.
unclerico (IS/IT--Management)
25 Aug 09 8:23
homie says what?? you couldn't connect at all??  

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

dalew430 (TechnicalUser)
25 Aug 09 11:01
No ... I couldn't connect at all.  Today I VPN in and was able to connect through RDP using DNS name ... strange huh?!
Read More Threads Like This One

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Back To Forum

Back To Cisco Systems: PIX Firewall

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close