Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6418
Views
10
Helpful
31
Replies

Can't access internet due to DNS Issue (?)

Go to solution
karang_dika
Level 1
Level 1

‎08-30-2021 01:50 AM - edited ‎08-30-2021 01:51 AM

Hi,

 

I'm new at networking, currently i have ISR4331 working as Router and i have Juniper EX2300 working as L3 Switch that will be my local gateway of my each VLANS i have.

Here's the look of my current topology 

Topology.png

I have problem where from all of my internal segments cant access internet but able to ping (Looks like its DNS issue i assume)

Here is the running-config of my router

 

ip name-server 202.158.3.6 202.158.3.7

interface GigabitEthernet0/0/0
ip address 210.210.178.226 255.255.255.248
ip nat outside
!
interface GigabitEthernet0/0/1
ip address 193.168.255.2 255.255.255.252
ip nat inside
negotiation auto
!
ip default-gateway 210.210.178.225
ip nat pool PUBLIC-1 210.210.178.226 210.210.178.230 netmask 255.255.255.248
ip nat inside source list 1 pool PUBLIC-1 overload
ip forward-protocol nd
no ip http server
no ip http secure-server
ip tftp source-interface GigabitEthernet0
ip dns view default
dns forwarder 202.158.3.6
dns forwarder 202.158.3.7
dns forwarding source-interface GigabitEthernet0/0/1
ip dns view-list conditional
view internal 10
restrict name-group 1
view default 99
ip dns server
ip route 0.0.0.0 0.0.0.0 210.210.178.225
ip route 193.168.1.0 255.255.255.0 193.168.255.1
ip route 193.168.2.0 255.255.255.0 193.168.255.1
ip route 193.255.1.0 255.255.255.0 193.168.255.1
ip route 193.255.255.0 255.255.255.0 193.168.255.1
!
!
ip access-list extended NAT
permit ip any any
permit icmp any any
!
access-list 1 permit 193.168.2.0 0.0.0.255
access-list 1 permit 193.255.1.0 0.0.0.255
access-list 1 permit 192.255.255.0 0.0.0.255
access-list 1 permit 193.168.1.0 0.0.0.255
access-list 1 permit 193.168.255.0 0.0.0.255

 

I have VMs all in that segments and all of them cant access internet but only ping. I used DNS 193.168.255.2 (My Router) instead of my ISP DNS. Then i tried to change it into ISP DNS but still doesnt work.

 

Is there any misconfiguration that i did? Perhaps something simple but i didnt aware of it?

 

Thanks. Regards.

 

Labels:
0 Helpful
31 Replies 31

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to karang_dika

‎08-31-2021 08:08 AM

Hello @karang_dika ,

you are welcome !  

we have had a long thread with a solution at the end

 

Thanks for your kind words that I would extend to @paul driver  because he has also contributed to this thread as in many others.

 

Best Regards

Giuseppe

 

Go to solution
paul driver
VIP
VIP
In response to Giuseppe Larosa

‎08-31-2021 12:38 PM

Hello

@karang_dika Excellent news this has been resolved, 

@Giuseppe Larosa  well spotted on the overload, couldn't see the "wood from the trees" so to speak! 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents