Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
352
Views
5
Helpful
4
Replies

DNS and the PIX 525

poneill
Level 1
Level 1

‎05-14-2004 11:53 AM - edited ‎02-20-2020 11:24 PM

When remote access VPN users tunnel into the network through the PIX and try to access the internal Intranet web site they can only get there by using the IP address. When they try and access links from the Intranet page they get page cannot be displayed errors.

If users connect via the Cisco MAS (dial-up) box and try to access the Internal Intranet web site they are able to get there via name or IP address.

What would be the difference in the way the PIX handles DNS compared to the Cisco MAS box?

We are currently running PIX IOS version 6.2(1) and PDM version 2.1(1). I will be upgrading the PIX this weekend to PIX IOS version 6.3(3) and PDM version 3.0(1).

Does anyone have a suggestion as to what could be causing the failure in DNS when the clients connect via VPN through the PIX?

0 Helpful
4 Replies 4

mostiguy
Level 6
Level 6

‎05-15-2004 02:26 PM

are the remote vpn clients being assigned a dns server settings?

are you certain the intranet web servers have dns records? sometimes people in MS centric environments forget, and can subsist on WINS/browser masters to allow internal browsing

0 Helpful

ehirsel
Level 6
Level 6
In response to mostiguy

‎05-17-2004 10:56 AM

Ignore this - see my 2nd post.

0 Helpful

ehirsel
Level 6
Level 6

‎05-17-2004 10:59 AM

Check your pix config with regards to vpn clients and make sure that they are issued the proper ip dns domain-name. Compare the pix config to the dial-up gateway config to make sure the same domain is specified. It could be that the client dns queries fail because of the wrong domain suffix being appended.

poneill
Level 1
Level 1
In response to ehirsel

‎05-21-2004 01:05 PM

you were right on the money. Having not been in on the intitial configuration of the VPN clients and Firewall VPN setup I did not even think to check that the DNS siffux was in place as it should have been. As soon as I entered the suffix and saved the config resolution by the name worked flawlessly. Thanks for the help...

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card