Router can not resolve names.

Discussion in 'Cisco' started by AM, Jan 21, 2005.

  1. AM

    AM Guest

    I set up DNSes IP of my provider in the router but when I try

    <name of the router>#www.google.com
    Translating "www.google.com"
    % Unknown command or computer name, or unable to find computer address

    The DNSes are correct as the PCs on the ethernet side use them without any problem.

    Any ideas or is it an issue already encountered by anyone?

    Alex.
     
    AM, Jan 21, 2005
    #1
    1. Advertisements

  2. Maybe an access list is blocking the response of the dns server. Do you
    have ACLs configured?
     
    Helmut Ulrich, Jan 21, 2005
    #2
    1. Advertisements

  3. A "show run" would help.
     
    Helmut Ulrich, Jan 21, 2005
    #3
  4. AM

    AM Guest

    Here it is.


    -o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-

    Current configuration : 4226 bytes
    !
    ! Last configuration change at 10:37:38 CET Fri Jan 21 2005 by XXXXXXXXXXX
    ! NVRAM config last updated at 20:11:07 CET Mon Jan 17 2005 by XXXXXXXXXXX
    !
    version 12.3
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    !
    hostname XXXXXXXXXXXX
    !
    boot-start-marker
    boot-end-marker
    !
    enable secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXx
    !
    username YYYYYYYYYYYYYYYYYYYYY password DDDDDDDDDDDDDDDDDD
    clock timezone CET 1
    clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
    no aaa new-model
    ip subnet-zero
    !
    !
    ip dhcp excluded-address 10.132.3.0 10.132.3.31
    ip dhcp excluded-address 10.132.3.240 10.132.3.254
    !
    ip dhcp pool DHCPPoolLAN_0
    network 10.132.3.0 255.255.255.0
    dns-server IIIIIIIIIIIIIIIIIIIII
    default-router 10.132.3.253
    !
    !
    no ip domain lookup
    ip domain name RRRRRRRRRRRRRRRRRR
    ip name-server 111111111111111111111111
    ip name-server 222222222222222222222222
    ip ips po max-events 100
    ip ssh authentication-retries 5
    ip ssh version 2
    no ftp-server write-enable
    !
    !
    !
    !
    !
    crypto isakmp policy 10
    encr WWWWWWWWWWWW
    hash EEEEEE
    authentication pre-share
    group YYYYYYYYY
    lifetime 86000
    crypto isakmp key TTTTTTTTTTTTTTTTTTTTTT address GGGGGGGGGGGG
    crypto isakmp invalid-spi-recovery
    !
    crypto ipsec security-association lifetime seconds 28000
    !
    crypto ipsec transform-set headquarter PPPPPPPPP LLLLLLLLLLLLLLL
    !
    crypto map vpn2hq 10 ipsec-isakmp
    set peer GGGGGGGGGGGGGGGGGGGg
    set transform-set headquarter
    set pfs YYYYYYYYYYYYYYY
    match address 130
    !
    !
    !
    interface Ethernet0
    ip address 10.132.3.253 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1452
    no cdp enable
    hold-queue 100 out
    !
    interface ATM0
    no ip address
    no atm ilmi-keepalive
    bundle-enable
    dsl operating-mode auto
    hold-queue 224 in
    pvc 8/35
    ubr 320
    encapsulation aal5snap
    pppoe-client dial-pool-number 1
    !
    !
    interface FastEthernet1
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet2
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet3
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet4
    no ip address
    duplex auto
    speed auto
    !
    interface Dialer0
    description ISP
    ip address HHHHHHHHHHHHHHH 255.255.255.0
    ip mtu 1492
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    dialer pool 1
    ppp authentication chap pap callin
    ppp chap hostname AAAAAAAAAAAAAAAAAAAAAAAA
    ppp chap password 7 QQQQQQQQQQQQQQQQQQQ
    ppp pap sent-username AAAAAAAAAAAAAAAAAAAAAAAA password 7 QQQQQQQQQQQQQQQQQQQ
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer0
    ip route 10.2.0.0 255.255.0.0 10.132.3.254
    ip route 192.168.29.0 255.255.255.0 10.132.3.254
    ip route 192.168.30.0 255.255.255.0 10.132.3.254
    ip route 192.168.31.0 255.255.255.0 10.132.3.254
    ip route 192.168.32.0 255.255.255.0 10.132.3.254
    ip route 192.168.33.0 255.255.255.0 10.132.3.254
    ip route 192.168.34.0 255.255.255.0 10.132.3.254
    ip route 192.168.35.0 255.255.255.0 10.132.3.254
    ip route 192.168.36.0 255.255.255.0 10.132.3.254
    ip route 192.168.37.0 255.255.255.0 10.132.3.254
    !
    no ip http server
    no ip http secure-server
    !
    ip nat inside source list 1 interface Dialer0 overload
    !
    !
    ip access-list extended vty-access

    < Here host list allowed to connect TO the router >

    access-list 1 permit 10.132.3.0 0.0.0.255
    access-list 111 permit tcp any any
    access-list 111 permit udp any any
    access-list 111 permit icmp any any
    access-list 130 permit ip 10.132.3.0 0.0.0.255 192.168.31.0 0.0.0.255
    access-list 131 deny ip 10.132.3.0 0.0.0.255 192.168.31.0 0.0.0.255
    access-list 131 permit ip 10.132.3.0 0.0.0.255 any
    !
    !
    control-plane
    !
    !
    line con 0
    no modem enable
    transport preferred all
    transport output all
    line aux 0
    transport preferred all
    transport output all
    line vty 0 4
    access-class vty-access in
    exec-timeout 120 0
    login local
    transport preferred all
    transport input all
    transport output all
    !
    scheduler max-task-time 5000
    end

    -o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-

    It seems to me that no resctrictions are applied on outgoing connections.
    Am I wrong?

    Alex.
     
    AM, Jan 21, 2005
    #4
  5. AM

    AM Guest

    Here it is.

    IOS Version 12.3(11)T2

    -o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-

    Current configuration : 4226 bytes
    !
    ! Last configuration change at 10:37:38 CET Fri Jan 21 2005 by XXXXXXXXXXX
    ! NVRAM config last updated at 20:11:07 CET Mon Jan 17 2005 by XXXXXXXXXXX
    !
    version 12.3
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    !
    hostname XXXXXXXXXXXX
    !
    boot-start-marker
    boot-end-marker
    !
    enable secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXx
    !
    username YYYYYYYYYYYYYYYYYYYYY password DDDDDDDDDDDDDDDDDD
    clock timezone CET 1
    clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
    no aaa new-model
    ip subnet-zero
    !
    !
    ip dhcp excluded-address 10.132.3.0 10.132.3.31
    ip dhcp excluded-address 10.132.3.240 10.132.3.254
    !
    ip dhcp pool DHCPPoolLAN_0
    network 10.132.3.0 255.255.255.0
    dns-server IIIIIIIIIIIIIIIIIIIII
    default-router 10.132.3.253
    !
    !
    no ip domain lookup
    ip domain name RRRRRRRRRRRRRRRRRR
    ip name-server 111111111111111111111111
    ip name-server 222222222222222222222222
    ip ips po max-events 100
    ip ssh authentication-retries 5
    ip ssh version 2
    no ftp-server write-enable
    !
    !
    !
    !
    !
    crypto isakmp policy 10
    encr WWWWWWWWWWWW
    hash EEEEEE
    authentication pre-share
    group YYYYYYYYY
    lifetime 86000
    crypto isakmp key TTTTTTTTTTTTTTTTTTTTTT address GGGGGGGGGGGG
    crypto isakmp invalid-spi-recovery
    !
    crypto ipsec security-association lifetime seconds 28000
    !
    crypto ipsec transform-set headquarter PPPPPPPPP LLLLLLLLLLLLLLL
    !
    crypto map vpn2hq 10 ipsec-isakmp
    set peer GGGGGGGGGGGGGGGGGGGg
    set transform-set headquarter
    set pfs YYYYYYYYYYYYYYY
    match address 130
    !
    !
    !
    interface Ethernet0
    ip address 10.132.3.253 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1452
    no cdp enable
    hold-queue 100 out
    !
    interface ATM0
    no ip address
    no atm ilmi-keepalive
    bundle-enable
    dsl operating-mode auto
    hold-queue 224 in
    pvc 8/35
    ubr 320
    encapsulation aal5snap
    pppoe-client dial-pool-number 1
    !
    !
    interface FastEthernet1
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet2
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet3
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet4
    no ip address
    duplex auto
    speed auto
    !
    interface Dialer0
    description ISP
    ip address HHHHHHHHHHHHHHH 255.255.255.0
    ip mtu 1492
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    dialer pool 1
    ppp authentication chap pap callin
    ppp chap hostname AAAAAAAAAAAAAAAAAAAAAAAA
    ppp chap password 7 QQQQQQQQQQQQQQQQQQQ
    ppp pap sent-username AAAAAAAAAAAAAAAAAAAAAAAA password 7 QQQQQQQQQQQQQQQQQQQ
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer0
    ip route 10.2.0.0 255.255.0.0 10.132.3.254
    ip route 192.168.29.0 255.255.255.0 10.132.3.254
    ip route 192.168.30.0 255.255.255.0 10.132.3.254
    ip route 192.168.31.0 255.255.255.0 10.132.3.254
    ip route 192.168.32.0 255.255.255.0 10.132.3.254
    ip route 192.168.33.0 255.255.255.0 10.132.3.254
    ip route 192.168.34.0 255.255.255.0 10.132.3.254
    ip route 192.168.35.0 255.255.255.0 10.132.3.254
    ip route 192.168.36.0 255.255.255.0 10.132.3.254
    ip route 192.168.37.0 255.255.255.0 10.132.3.254
    !
    no ip http server
    no ip http secure-server
    !
    ip nat inside source list 1 interface Dialer0 overload
    !
    !
    ip access-list extended vty-access

    < Here host list allowed to connect TO the router >

    access-list 1 permit 10.132.3.0 0.0.0.255
    access-list 111 permit tcp any any
    access-list 111 permit udp any any
    access-list 111 permit icmp any any
    access-list 130 permit ip 10.132.3.0 0.0.0.255 192.168.31.0 0.0.0.255
    access-list 131 deny ip 10.132.3.0 0.0.0.255 192.168.31.0 0.0.0.255
    access-list 131 permit ip 10.132.3.0 0.0.0.255 any
    !
    !
    control-plane
    !
    !
    line con 0
    no modem enable
    transport preferred all
    transport output all
    line aux 0
    transport preferred all
    transport output all
    line vty 0 4
    access-class vty-access in
    exec-timeout 120 0
    login local
    transport preferred all
    transport input all
    transport output all
    !
    scheduler max-task-time 5000
    end

    -o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-

    It seems to me that no resctrictions are applied on outgoing connections.
    Am I wrong?

    Alex.
     
    AM, Jan 21, 2005
    #5
  6. Here is your problem:
    Type "ip domain lookup" and it will work.
     
    Helmut Ulrich, Jan 21, 2005
    #6
  7. AM

    AM Guest

    Thanks a lot!
    Alex.
     
    AM, Jan 21, 2005
    #7
  8. AM

    krycheq Guest

    Make sure you put ip domain-lookup in the configuration...

    Scott
     
    krycheq, Jan 24, 2005
    #8
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.