Cisco VPN client intercepts DNS

Discussion in 'Cisco' started by Kenneth Porter, Jul 21, 2004.

  1. I'm running the Cisco client on my Fedora Core 2 gateway to connect to a
    peer site's Windows servers. However, I want to continue to use the BIND
    DNS server on the gateway to connect to the Internet. When the VPN is up,
    my DNS packets seem to get intercepted and replies come from the peer's DNS
    server instead of the outside authoritative servers that were queried. What
    can I do to get the client to leave my DNS alone? Is this a setting in my
    peer's VPN server that needs adjusting? What would I need to ask for?

    (I don't need the DNS to resolve the peer's servers. I can enter those
    items in my own domain as I don't expect them to change frequently. I've
    already locked resolv.conf against change with chattr to prevent hijacking
    of my resolver when the client starts.)
     
    Kenneth Porter, Jul 21, 2004
    #1
    1. Advertising

  2. Kenneth Porter

    Oliver Rahn Guest

    On Tue, 20 Jul 2004, Kenneth Porter wrote:

    > I'm running the Cisco client on my Fedora Core 2 gateway to connect to a
    > peer site's Windows servers. However, I want to continue to use the BIND
    > DNS server on the gateway to connect to the Internet. When the VPN is up,
    > my DNS packets seem to get intercepted and replies come from the peer's DNS
    > server instead of the outside authoritative servers that were queried. What
    > can I do to get the client to leave my DNS alone? Is this a setting in my
    > peer's VPN server that needs adjusting? What would I need to ask for?


    it depends how your VPN Server is configured. If it is a PIX and you use
    vpngroups to configure access then there is a option split-dns which can
    do what you want.

    Oli
     
    Oliver Rahn, Jul 21, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. MP
    Replies:
    2
    Views:
    12,439
  2. jarcar
    Replies:
    0
    Views:
    677
    jarcar
    Feb 12, 2004
  3. Replies:
    1
    Views:
    1,143
    Rohan
    Nov 18, 2006
  4. spence4
    Replies:
    0
    Views:
    959
    spence4
    Jun 20, 2007
  5. Ned
    Replies:
    0
    Views:
    602
Loading...

Share This Page