DNS issue Cisco SRP527W ipsec VPN

deltacomp
Level 1

Hi


We have two sites connected by an IPsec VPN with an SRP 527W running at each end.

Site A
SBS 2011 (DHCP Server) – 192.168.10.2
SRP527W – 192.168.10.1

Site B
SRP527W (DHCP Server) – 10.0.0.138
SRP527W assigns IP address – 10.0.0.*
Gateway – 10.0.0.138
DNS Server – 10.0.0.138
WINS Server – 192.168.10.2

The VPN is up and running and working fine. There is 1 PC not on the domain at site B and I can map the network drives fine and it browses them without an issue.

The issue is that there is a laptop which travels from Site A to B regularly and connects wirelessly onto the modem, and it takes a long time to boot up and cannot browse the mapped network drive.

As it was taking a while to boot up I thought DNS issue, so I assigned a static DNS address to the wireless card.

First DNS – 10.0.0.138
Second DNS – 192.168.10.2

I do this and it boots quickly and browses the network without an issue. I can't have this as a permanent solution as it connects to other networks wirelessly.

So on the site B router I disable DNS proxy and assign

Static DNS – 10.0.0.138
Static DNS2 – 192.168.10.2

Now both computers at Site B can't access the internet.

So on the site B router I change to the following

Static DNS – 139.130.4.4
Static DNS2 – 192.168.10.2

Now both computers can browse the Internet but the laptop on the domain still can't access the network drive.

Does anyone have a similar setup or can explain what I am doing wrong?

Thanks


Andrew Hickman
Cisco Employee

Hi Paul,

Have you tried setting both DNS and WINS addresses to that of your SBS server and disabling the DNS proxy in the site B DHCP rule?  It would make sense your site A DNS server deals with all requests within your domain.  Internet traffic from site B will still exit locally.

Regards,

Andy

Hi Andrew

Thanks for your reply.

I haven't tried setting the DNS and WINS to the SBS server. If I do this, are you sure all Internet traffic from SITE B will exit the router locally, as I don't want it to go back to the SBS for external DNS resolution?

I did try and put the SITE B router IP address as the DNS and the SBS as the secondary DNS and the clients lost internet connectivity altogether.

Thanks

Paul

Hi Paul,

Set ALL your DHCP pools to assign the SBS server for DNS as the first server.  This is crucial for AD to work correctly, and for network access, and mapped drives etc.

Your clients in Site B will still exit locally for internet, but they will just get name resolution from Site A.

If Site B has a number of users (i.e. not small), then I also suggest placing a secondary server at Site B, and assign it as preferred DNS for Site B.

Do not point any of your internal clients to the router, or 139.130.4.4 for DNS.

Thanks Yasien,

Paul - the interesting traffic rule for the VPN at site B will ensure that only traffic addressed for site A will use the VPN tunnel.  All other traffic will exit to the Internet locally (As Yasien says).

Cheers

Andy

Thanks very much guys, it is now all working. Setting the DNS to the SBS server on site B worked and all non-local traffic exits correctly.
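
The following is an added example, not part of any post in this thread: a small Python model of the Site B setup that shows which path each destination takes under the interesting-traffic rule and audits the DNS server lists tried above against the advice given. The addresses come from the thread; the /24 mask for Site A and the function names `path_for` and `audit_dns` are assumptions made for illustration.

```python
import ipaddress

# Addresses from the thread. The Site A mask (/24) is an assumption.
AD_DNS = ipaddress.ip_address("192.168.10.2")            # SBS 2011 at Site A
TUNNEL_REMOTE = ipaddress.ip_network("192.168.10.0/24")  # interesting traffic seen from Site B
SITE_B_LAN = ipaddress.ip_network("10.0.0.0/24")         # "10.0.0.*" handed out by the SRP527W


def path_for(dest):
    """Return how a Site B client reaches dest: 'lan', 'tunnel' or 'internet'."""
    addr = ipaddress.ip_address(dest)
    if addr in SITE_B_LAN:
        return "lan"
    if addr in TUNNEL_REMOTE:
        return "tunnel"      # only Site A destinations enter the IPsec tunnel
    return "internet"        # everything else exits locally at Site B


def audit_dns(servers):
    """Audit an ordered DNS server list assigned to domain clients at Site B."""
    findings = []
    addrs = [ipaddress.ip_address(s) for s in servers]
    if not addrs or addrs[0] != AD_DNS:
        findings.append("first DNS server is not the AD DNS server")
    for addr in addrs:
        if addr == AD_DNS:
            continue
        if path_for(addr) == "internet":
            findings.append(f"{addr}: public resolver, internal names are sent off-site")
        else:
            findings.append(f"{addr}: not an AD DNS server")
    return findings


if __name__ == "__main__":
    # DNS lists constructed from the configurations described in the thread.
    attempts = {
        "router first": ["10.0.0.138", "192.168.10.2"],
        "ISP resolver first": ["139.130.4.4", "192.168.10.2"],
        "SBS only (working)": ["192.168.10.2"],
    }
    for name, servers in attempts.items():
        print(name, [path_for(s) for s in servers], audit_dns(servers) or "OK")
```

Only the SBS-only list passes, and its queries travel through the tunnel while a destination such as 139.130.4.4 still resolves to the local internet path.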