Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.

1555
Views
0
Helpful
1
Replies
agadmin99
Beginner
Beginner
‎10-28-2011 12:48 PM
‎10-28-2011 12:48 PM

SA 540 IPSec VPN with Shrew Client DNS not working

I configured my SA 540 for IPSec VPN along with Shrew VPN Client according to instructions from Cisco website. Everything connects properly, but I am not able to browse PC's or servers by either Netbios or DNS name on the remote network. It looks like DNS server settings are not passed through the VPN connection even though I put correct IP address of my remote DNS server in the Shrew client settings. Am I missing something?

Labels:
0 Helpful
1 REPLY 1
nmanglik
Cisco Employee
Cisco Employee
‎11-04-2011 04:56 PM
‎11-04-2011 04:56 PM

Hi Adam,

Can you please confirm what software version of SA500 you have on the device?

We have simulated the setup locally with the topology and configuration steps and are able to ping using DNS name. Please find our observations below:

Topology:

========

Lan host     +--- [L] SA500 [W] ------------- Shrew Soft VPN client

                 |

DNS Server +

SA520W configuration:

  • Add VPN client configuraton from VPN Wizard (VPN > IPSec > VPN Wizard)
  • On IKE Policies page, select XAUTH Configuration - Edge Device and Authentication Type - User Database.
  • On VPN Policies page, enable Mode Config
  • On Dynamic IP Range page, configure client IP range and DNS Server as LAN side DNS server.
  • Create an IPSec user
  • Disable and Enable VPN Policy.

Shrew Soft VPN Client (v2.1.7):

  • Disable Split tunnel
  • Authentication Method - Mutual PSK + XAuth
  • Policy tab, select 'Maintain Persistent Security Association' and Add to include remote network resource (LAN address of SA500)

Thanks,

Nitin.

0 Helpful
Latest Contents
Cybersecurity strategies for Small Business
Created by Kelli Glass on 04-14-2021 11:46 AM
0
0
0
0
Discover the cybersecurity strategies that small and midsize business (SMB) leaders are using to thrive in today's ever-evolving threat landscape. The Cisco Cybersecurity Report Series is a collection of thought leadership studies. This spin-off from our... view more
#CiscoChat Live - Thriving with Cybersecurity: The 2021 Secu...
Created by Kelli Glass on 04-06-2021 03:44 PM
0
0
0
0
Would you believe that small and midsize businesses (SMBs) can teach enterprises a thing or two about effective security? Learn in which areas SMBs excel as we share the highlights of our Security Outcomes Study for SMBs. Join us on Thursday, April 15 at ... view more
#CiscoChat Live - Thriving with Cybersecurity: The 2021 Secu...
Created by Kelli Glass on 04-06-2021 03:42 PM
5
0
5
0
Would you believe that small and midsize businesses (SMBs) can teach enterprises a thing or two about effective security? Learn in which areas SMBs excel as we share the highlights of our Security Outcomes Study for SMBs. Join us on Thursday, April 15 at... view more
Don't miss out on the Small Business sessions at Cisco Live
Created by Kelli Glass on 03-18-2021 11:02 AM
0
0
0
0
Depending on where you are in the world on March 30 – April 1, you can learn how The Future of Small Business is Cloud Delivered at Cisco Live 2021! With an all-access pass you’ll be able to register and watch. But, if you aren’t, you can still take part ... view more
Expand your influence & elevate your career through Cisco Ad...
Created by Kelli Glass on 03-12-2021 11:29 AM
0
5
0
5
Join more than 20K Cisco customers taking part in Cisco’s Global Advocacy program. Engage with Cisco leaders and industry experts, share your tech success story and exchange best practices with your peers around the world—the sky’s the limit. Here are ju... view more
This widget could not be displayed.