Split tunnel VPN not resolving internal hostnames.

c.leighland
Level 1

Good morning all. I hope someone can point me in the right direction about an issue I'm having with my VPN Server on my Cisco 2621xm.

I started by creating a VPN - everything worked great. I assigned the DNS Servers, Domain name, WINS Server so when I connect I'm able to resolve local hostnames on the network with no problem, however, I had no internet access... I then set up a split tunnel access list. Since I've set that up, I'm now able to ping internet based addresses (www.google.ca), but no longer able to resolve internal host names. I can ping the IP addresses, just name resolution no longer works.

Here is some basic info (hopefully you don't need the whole config).

Internal network address range: 192.168.1.0/25

VPN Network address range: 192.168.2.0/29

DNS Nameserver 192.168.1.55

domain acheron.local

crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp client configuration group ChrisVPN
 key (HIDDEN)
 dns 192.168.1.55
 wins 192.168.1.55
 domain acheron.local
 pool SDM_POOL_1
 acl home_away_split_tunnel
 include-local-lan
 max-users 4
 netmask 255.255.255.248
!
ip access-list extended home_away_split_tunnel
 permit ip 192.168.1.0 0.0.0.127 192.168.2.0 0.0.0.7
!
ip local pool SDM_POOL_1 192.168.2.1 192.168.2.6

If anyone could please provide some input as to what I'm missing or what sort of changes can be made to solve this problem, I would be very grateful.

Thank you in advance,

Chris.
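
A quick offline check of the routing side of the configuration posted above, added here as an example (not code from the poster or from Cisco): it converts the split-tunnel ACL's wildcard mask to a prefix and confirms that the DNS/WINS server pushed to the client sits inside the tunneled range. It assumes the source field of an Easy VPN split-tunnel ACL names the networks sent through the tunnel; the function names are hypothetical.

```python
import ipaddress

# Constructed from the configuration quoted in the post above.
SPLIT_ACL = ["permit ip 192.168.1.0 0.0.0.127 192.168.2.0 0.0.0.7"]
PUSHED_SERVERS = {"dns": "192.168.1.55", "wins": "192.168.1.55"}


def wildcard_to_network(addr, wildcard):
    """Convert an IOS address/wildcard pair to an ip_network.

    Only contiguous wildcards (2**n - 1) map to a single prefix; anything
    else, such as a netmask typed where a wildcard belongs, is rejected.
    """
    w = int(ipaddress.IPv4Address(wildcard))
    if w & (w + 1):
        raise ValueError(f"non-contiguous wildcard mask: {wildcard}")
    prefix = 32 - w.bit_length()
    # strict=False: bits covered by the wildcard are "don't care" on IOS.
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def source_network(acl_line):
    """Return the source network of a 'permit ip ...' entry, else None."""
    tok = acl_line.split()
    if tok[:2] != ["permit", "ip"]:
        return None
    if tok[2] == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if tok[2] == "host":
        return ipaddress.ip_network(tok[3])
    return wildcard_to_network(tok[2], tok[3])


def untunneled_servers(acl_lines, servers):
    """Return the pushed servers that no split-tunnel entry covers.

    Assumption: the ACL source field lists the networks the client routes
    through the tunnel; a server outside them is reached outside the VPN.
    """
    nets = [n for n in map(source_network, acl_lines) if n is not None]
    return {role: ip for role, ip in servers.items()
            if not any(ipaddress.ip_address(ip) in n for n in nets)}


if __name__ == "__main__":
    print("tunneled:", [str(source_network(line)) for line in SPLIT_ACL])
    print("servers outside the tunnel:",
          untunneled_servers(SPLIT_ACL, PUSHED_SERVERS))
```

For this configuration the result is empty: 192.168.1.55 falls inside 192.168.1.0/25, so the pushed servers are reachable through the tunnel. The check covers routing only and says nothing about which resolver the client chooses for a given name.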

4 Replies

Jennifer Halim
Cisco Employee

Can you try adding the "split dns" command within your VPN group configuration?

I've enabled split-dns, now everything works great, to a point. Now it seems I lose the VPN connection shortly after it's established. I'll connect, everything works splendidly. I can ping both internal and external host names with no problem, but after about a minute and a half I'm no longer able to ping anything! The VPN client still says it's connected, and shortly after I lose the connection. I don't understand why suddenly I'm no longer able to ping anything, then end up losing the connection after making a small change to the config...

Any help would be appreciated.

Thank you,

Bump...

Hmm, that's weird. How are you connected to the Internet? Using a wireless card? Or wired to home DSL? Or wireless to home DSL? Or some other method?
