
VPN working, accessing DNS server other side of VPN

bsallison
Level 1

Attached are the latest configs for each side. The IPSEC VPN is working between locations. The 1841 router is HQ and has a Windows Small Business Server 10.2.1.6 that hosts MS Exchange & DNS for the domain. The remote site (PIX) needs to access servers at HQ by name; workstations have their DNS pointed to 10.2.1.6, but get no DNS replies from that server. Something is not properly crossing the VPN, or some ACL is blocking. From the remote (PIX) side I can ping HQ devices by IP number but not by name. Nor can I access https://10.2.1.6/exchange for OWA. Something is not routing properly.

Please advise.

2 Replies

singhsaju
Level 4

Hi Brian,

Do the following on the router:

access-list 130 deny ip 10.2.1.0 0.0.0.255 10.5.5.0 0.0.0.255

access-list 130 permit ip 10.2.1.0 0.0.0.255 any

route-map nonat permit 10

match ip address 130

no ip nat inside source static 10.2.1.6 216.203.117.85

ip nat inside source static 10.2.1.6 216.203.117.85 route-map nonat

clear translations : clear ip nat translations *

Check and post results if DNS is working for private IP address 10.2.1.6.

HTH

Saju

Pls rate helpful posts
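An added illustration, not part of the reply above or of either device's attached config: a small Python model of how ACL 130 and `route-map nonat` make the static NAT for 10.2.1.6 conditional, so flows to 10.5.5.0/24 keep the private source address while everything else is translated to 216.203.117.85. The destination hosts are constructed samples, and the model covers only the one static entry shown in the reply.

```python
import ipaddress

# ACL 130 as posted in the reply: (action, src, src wildcard, dst, dst wildcard)
ACL_130 = [
    ("deny",   "10.2.1.0", "0.0.0.255", "10.5.5.0", "0.0.0.255"),
    ("permit", "10.2.1.0", "0.0.0.255", "any",      None),
]
# Static NAT entry from the reply: inside local -> inside global
STATIC_NAT = {"10.2.1.6": "216.203.117.85"}


def wildcard_match(addr, base, wildcard):
    """IOS wildcard semantics: bits set in the wildcard are 'don't care'."""
    if base == "any":
        return True
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)


def acl_action(acl, src, dst):
    """First matching entry wins; every ACL ends with an implicit deny."""
    for action, s, sw, d, dw in acl:
        if wildcard_match(src, s, sw) and wildcard_match(dst, d, dw):
            return action
    return "deny"


def source_after_nat(src, dst):
    """Translate only when route-map nonat (match ip address 130) permits the flow."""
    if src in STATIC_NAT and acl_action(ACL_130, src, dst) == "permit":
        return STATIC_NAT[src]
    return src


if __name__ == "__main__":
    # Constructed sample destinations: a remote-site workstation and an
    # Internet host (documentation address range).
    for dst in ("10.5.5.20", "198.51.100.10"):
        wire_src = source_after_nat("10.2.1.6", dst)
        print(f"10.2.1.6 -> {dst}: source on the wire = {wire_src}")
```

On the router itself, `show ip nat translations` while a remote workstation queries 10.2.1.6 is the matching check: no translation entry should be created for the 10.5.5.x peer.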

Better, but not quite....

I can do https://shampoo/exchange & that brings up OWA.

I still cannot ping by name, nor can I do http://sunscreen/crm and access our CRM applications hosted on another internal server at the HQ site.

As if DNS is still not coming across the VPN.
