Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4328
Views
0
Helpful
6
Replies

Site to Site VPN DNS problem

s-santhosh
Level 1
Level 1

‎12-12-2011 11:09 AM - edited ‎03-11-2019 03:01 PM

Hi Everyone,

I am trying to get site to site dns working The L2L is established successsfully with one our client.

I can ping ip address from our site to client site, but unable to ping with hostname using FQDN or with out FQDN.

My requirement is only the clinet DNS should be used for the client hostnames other than that local DNS should be in use.

Configuring the hostfile is not a better solution.

Does anyone had the change to tackle this problem.

Please share your suggestions and support.

Many Thanks!

San

Labels:
0 Helpful
6 Replies 6

Maykol Rojas
Cisco Employee
Cisco Employee

‎12-13-2011 08:07 PM

Hi San,

Important question here, what does the FQDN resolves to? Is that IP included on the tunnel acl? If not, what you need to do is only to add that traffic to the Interesting traffic ACL.

Mike

Mike
0 Helpful

s-santhosh
Level 1
Level 1
In response to Maykol Rojas

‎12-13-2011 10:27 PM

Hi Mike,

Local DNS servers replies as "NON-EXISTENT DOMAIN"

the destination IP is included in tunnel ACL.

The nslookup is resolving remote domain names when I set the source DNS as the remote DNS server.

Even added remote DNS in my IP config, Im able to reach the remote destination via VPN tunnel with domain names.

My new question: Does all the DNS traffic is now routed to remote DNS server rather local DNS servers for all the queries.

/San

0 Helpful

Maykol Rojas
Cisco Employee
Cisco Employee
In response to s-santhosh

‎12-13-2011 10:35 PM

Nope,

That really depends on the server that you are using to resolve domains. Do you have a Record on your local DNS server to resolve the names that you are trying to access across the VPN?

Based on the output that you attached it seems like you dont, if you put a DNS server that is on the other side...do you get the proper resolution ?

Mike

Mike
0 Helpful

s-santhosh
Level 1
Level 1
In response to Maykol Rojas

‎12-13-2011 10:49 PM

No we do not have the record on our local DNS servers.

Planning to go for configuring the local DNS as forwarders for the remote hosts.

Yes, I see it is resolving in time.

San

0 Helpful

s-santhosh
Level 1
Level 1
In response to s-santhosh

‎12-14-2011 01:07 AM

Is there anyother better solutions to achieve this.

San

0 Helpful

apuefua01
Level 1
Level 1

‎02-18-2015 10:07 AM

You need to setup DNS Forwarding on your local DNS server. Add client DNS server in the DNS Forwarding list. Very simple.

Andy

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card