05-21-2012 12:25 AM
Good morning all. I hope someone can point me in the right direction about an issue I'm having with my VPN Server on my Cisco 2621xm.
I started by creating a VPN - everything worked great. I assigned the DNS Servers, Domain name, WINS Server so when I connect I'm able to resolve local hostnames on the network with no problem, however, I had no internet access... I then set up a split tunnel access list. Since I've set that up, I'm now able to ping internet based addresses (www.google.ca), but no longer able to resolve internal host names. I can ping the ip addresses, just name resolution no longer works.
Here is some basic info (hopefully you don't need the whole config).
Internal network address range: 192.168.1.0/25
VPN Network address range: 192.168.2.0/29
DNS Nameserver 192.168.1.55
domain acheron.local
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp client configuration group ChrisVPN
key (HIDDEN)
dns 192.168.1.55
wins 192.168.1.55
domain acheron.local
pool SDM_POOL_1
acl home_away_split_tunnel
include-local-lan
max-users 4
netmask 255.255.255.248
!
ip access-list extended home_away_split_tunnel
permit ip 192.168.1.0 0.0.0.127 192.168.2.0 0.0.0.7
!
ip local pool SDM_POOL_1 192.168.2.1 192.168.2.6
If anyone could please provide some input as to what I'm missing of what sort of changes can be made to solve this problem, I would be very greatful.
Thank you in advance,
Chris.
05-21-2012 04:46 AM
Can you try to add "split dns" command within your vpn group configuration.
05-21-2012 08:47 AM
I've enable split-dns, now everything works great, to a point. Now it seems I lose the VPN connection shortly after its established. I'll connect, everythig works splendidly. I can ping both internal and external host names with no problem, but after about a minute and a half I'm no longer able to ping anything! The VPN client still says its connected, and shortly after I lose the connection. I don't understand why suddenly I'm no longer able to ping anything, then end up losing the connection after making a small change to the config...
Any help would be appreciated.
Thank you,
05-21-2012 10:04 PM
Bump...
05-22-2012 04:14 AM
Hmm, that's weird. How are you connected to the Internet? using wireless card? or wired to home DSL? or wireless to home DSL? or some other method?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide