DNS problems in L2L VPN between Cisco 851 and Firewall Nokia IP220

Discussion in 'Cisco' started by libra2222, Sep 20, 2007.

  1. libra2222

    libra2222 Guest

    Hi
    I have set up a L2L VPN between Cisco 857 (ADSL modem/router) in a branch and the Nokia IP220 Firewall in main office. I am having the following issues and I will appreciate your input.
    1) I would like the machines inside the remote office (LAN2) to connect to the main office (LAN1) for AD, but to use its own ISP gateway for Internet access.
    At the moment, it seems like all traffic has been redirected through the VPN. ie - a PC in LAN 2 with DNS server pointing to reach ISP's, can't reach the Internet. Using a packet analyser, I can see that DNS requests are sent, but replies are not coming back. I figure that they might be stopped in the Nokia Firewall Gateway in the other end, to which I have limited access to check the logs.
    I have also debugged ip packets at the router, and see no activity of any ACL stopping the reply packets.
    The interesting parts of the Cisco configuration are as follows:

    --- NAT setup
    ip nat inside source route-map NONAT interface Dialer1 overload
    --- Route-map (I have read mixed posts saying that sometimes this approach does not work)
    route-map NONAT permit 10
    match ip address 101
    ----
    access-list 101 remark NONAT access rule excludes IPSEC connections from NAT
    access-list 101 deny ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
    access-list 101 permit ip 192.168.2.0 0.0.0.255 any

    I will appreciate some help with troubleshooting this issue. I can post the rest of the config if necessary.
    Many thanks !
     
    libra2222, Sep 20, 2007
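
Added example (not part of the original post): a small evaluator for the posted ACL 101, showing which flows the NONAT route-map hands to NAT overload on Dialer1 and which it exempts. It models only ACL 101 with first-match and implicit-deny semantics; the crypto ACL that selects tunnel traffic is not shown in the post, and the function names and the addresses used to exercise it are constructed for illustration.

```python
import ipaddress

# ACL 101 as posted (the remark line is skipped by the parser).
ACL_101 = """\
access-list 101 remark NONAT access rule excludes IPSEC connections from NAT
access-list 101 deny ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 101 permit ip 192.168.2.0 0.0.0.255 any
"""

def _spec(tokens):
    """Consume one address spec: 'any', 'host A' or 'A WILDCARD'."""
    head = tokens.pop(0)
    if head == "any":
        return 0, 0xFFFFFFFF
    if head == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0
    wildcard = tokens.pop(0)
    return int(ipaddress.IPv4Address(head)), int(ipaddress.IPv4Address(wildcard))

def parse_acl(text):
    """Parse 'access-list N permit|deny ip SRC DST' lines (no port matching)."""
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
            continue  # remarks and blank lines
        rest = tok[4:]  # tok[3] is the protocol, 'ip' in this ACL
        rules.append((tok[2], _spec(rest), _spec(rest)))
    return rules

def _hit(ip, spec):
    addr, wild = spec
    care = ~wild & 0xFFFFFFFF  # wildcard bits set to 1 mean "don't care"
    return (int(ipaddress.IPv4Address(ip)) & care) == (addr & care)

def nat_decision(rules, src, dst):
    """First matching line wins; no match falls through to the implicit deny."""
    for action, s, d in rules:
        if _hit(src, s) and _hit(dst, d):
            return "translate" if action == "permit" else "no-nat"
    return "no-nat"

if __name__ == "__main__":
    rules = parse_acl(ACL_101)
    # Constructed flows: LAN2 host to LAN1 host, LAN2 host to an outside resolver.
    for src, dst in [("192.168.2.10", "192.168.1.5"), ("192.168.2.10", "203.0.113.53")]:
        print(src, "->", dst, nat_decision(rules, src, dst))
```
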