Announcement

Collapse
No announcement yet.

Cisco VPN Client DNS problems

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco VPN Client DNS problems

    Hi,

    I have set up PIX Easy VPN Server on my PIX 515E at work pretty well straight out of the Cisco book. I have also set up Cisco VPN Client on my home computer and connect through cable DSL. Everything apears to connect correctly, I authenticate to my PIX with no problems and a vpn connection is set up. My home computer's virtual adapter picks up the address of my work dns servers and the primary dns suffix. The problem is I can't browse, ping, or anything inside the network. Can anyone see where I'm going wrong? My work IP range is 192.168.1.0 255.255.255.0 and my Remote IP pool is 192.168.1.75-192.168.1.80. (Which is what it says in the cisco book). I even set up a couple of entries in my hosts file for my dns servers but still nothing. I'm sure that I'm doing something very basically wrong but I'd appreciate any help.


    Here is my ipconfig /all from my home computer:

    Microsoft Windows XP [Version 5.1.2600]
    (C) Copyright 1985-2001 Microsoft Corp.
    C:\ipconfig /all
    Windows IP Configuration
    Host Name . . . . . . . . . . . . : Julian-laptop
    Primary Dns Suffix . . . . . . . : mycompany.co.uk
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : mycompany.co.uk
    co.uk
    Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Xircom CardBus Ethernet II 10/100
    Physical Address. . . . . . . . . : 00-10-A4-BA-AC-D9
    Dhcp Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IP Address. . . . . . . . . . . . : 92.235.148.68
    Subnet Mask . . . . . . . . . . . : 255.255.254.0
    Default Gateway . . . . . . . . . : 92.235.148.1
    DHCP Server . . . . . . . . . . . : 62.30.64.114
    DNS Servers . . . . . . . . . . . : 194.168.4.100
    194.168.8.100
    Lease Obtained. . . . . . . . . . : 25 February 2009 13:25:03
    Lease Expires . . . . . . . . . . : 03 March 2009 13:21:59
    Ethernet adapter Local Area Connection 2:
    Connection-specific DNS Suffix . : mycompany.co.uk
    Description . . . . . . . . . . . : Cisco Systems VPN Adapter
    Physical Address. . . . . . . . . : 00-05-9A-3C-78-00
    Dhcp Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.1.75
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . :
    DNS Servers . . . . . . . . . . . : 192.168.1.7
    192.168.1.2
    C:\

    Here is part of my PIX config:

    FW01# show run
    : Saved
    :
    PIX Version 6.3(5)
    ***
    OMITTED
    ***
    access-list splittunnelACL permit ip 192.168.1.0 255.255.255.0 192.168.1.0 255.255.255.0
    pager lines 24
    mtu outside 1500
    mtu inside 1500
    mtu intf2 1500
    ip address outside ***.***.***.*** 255.255.255.248
    ip address inside 192.168.1.1 255.255.255.0
    no ip address intf2
    ip audit info action alarm
    ip audit attack action alarm
    ip local pool RemoteIP 192.168.1.75-192.168.1.80 mask 255.255.255.0
    ***
    OMITTED
    ***
    vpngroup Remote address-pool RemoteIP
    vpngroup Remote dns-server 192.168.1.7 192.168.1.2
    vpngroup Remote default-domain mycompany.co.uk
    vpngroup Remote split-tunnel splittunnelACL
    vpngroup Remote split-dns mycompany.co.uk
    vpngroup Remote idle-time 1800
    vpngroup Remote password ********
    FW01#


    Regards Egg
    Last edited by eggyh; 26th February 2009, 20:00.

  • #2
    Re: Cisco VPN Client DNS problems

    Hi,

    Have you excluded the RemoteIp pool range from your DHCP server?
    Caesar's cipher - 3

    ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

    SFX JNRS FC U6 MNGR

    Comment


    • #3
      Re: Cisco VPN Client DNS problems

      Hi L4ndy,

      Yes, I already thought of that 1.

      Regards

      Egg

      Comment


      • #4
        Re: Cisco VPN Client DNS problems

        Check if you have an "isakmp nat-traversal 20" line

        I have to admit I don't think I have ever setup the remote pool on the same subnet though.
        cheers
        Andy

        Please read this before you post:


        Quis custodiet ipsos custodes?

        Comment


        • #5
          Re: Cisco VPN Client DNS problems

          Hi AndyJG,

          Yeah, I was thinking that myself but that's the way the cisco book shows it. I'll have a play with different subnets though.

          Thanks

          Egg

          Comment


          • #6
            Re: Cisco VPN Client DNS problems

            Did you check for that line?
            I think we need a bit more of the config though, can you post the rest minus identifiable info?
            cheers
            Andy

            Please read this before you post:


            Quis custodiet ipsos custodes?

            Comment


            • #7
              Re: Cisco VPN Client DNS problems

              Hi Andy,

              Yeah, changing the subnet of the IP pool seems to have done the trick. I can't browse the network as such but mapped drives work, and I can connect to our exchange server from Outlook. I'll have a little play later and find out more. I not quite sure if it's using our dns servers or whether it's using the hosts file I set up previously. It's a step closer though. Thanks for your input.

              Regards

              Egg

              Comment

              Working...
              X