From: Mohammad Saeed (mzsaeed@gmail.com)
Date: Thu Dec 14 2006 - 12:04:53 ART
Hello Every body,
I really appreciate very positive responses.
Yes, I have given IP Addresses of DNS Servers under
Configuration|System|Servers|DNS and also under
Management|Usres|Groups.
I can see those when I check Configuration|Interfaces on this screen
along with IP Addresses of interfaces it shows the DNS Servers and
their IP Addresses. But these DNS Servers are not local, they are on
the internet, but I have given IP Addresses of those DNS and they are
reachable from internal and well as from VPN3000 itself by PING.
The only thing that I have not tried is setting up DNS on internal
network. Or may be I need to add some additional rule under Traffic
Management to direct or ALLOW DNS traffic out side, which apprentally
shall be allowed by default Any/inbound Forward and Any/outbound
forward rule.
Thanks again for help and your time....
Regards,
Mohammad Zahed Saeed
On 12/14/06, Salau,Olayemi <Olayemi.Salau@southampton.gov.uk> wrote:
>
>
>
> Hello Mahammed,
>
>
>
> Well, I guess this is a CCIE SG not restricted to R&S alone, So VPN3000 will
> come under CCIE Security I believe.
>
>
>
> The DNS you configure should be a local one, ie. reachable through the
> private interface
>
>
>
> Have you tried configuring DNS on the
> Configuration|System|Servers|DNS Screen, worth mentioning
> since you didn't say anything about it within your email.
>
>
>
> Many Thanks
>
> _________________________________________________
>
> Olayemi Salau
>
> Network Analyst
>
> I.T. Solutions Division
>
> Southampton City Council
>
> ( 023 8083 4070 7 077 8811 2036 3 079 5825 7509
>
> * olayemi.salau@southampton.gov.uk
>
> _________________________________________________
>
> This e-mail is intended for the addressee only. If you are not the intended
> recipient, please be aware that the unauthorised use or disclosure of the
> information it contains, or the unauthorised copying or re-transmission of
> the e-mail are strictly prohibited. Such action may result in legal
> proceedings. If the e-mail has been sent to you in error, please accept our
> apologies, advise the sender as soon as possible and then delete the
> message. Under the Freedom of Information Act 2000 / Data Protection Act
> 1998, the contents of this e-mail, whether it is marked confidential or
> otherwise, may be disclosed. No employee, Councillor or agent is authorised
> to conclude by e-mail any binding agreement with another party on behalf of
> Southampton City Council. The Council does not accept service by e-mail of
> court proceedings, other processes or formal notices of any kind without
> specific prior written agreement. E-mails to and from Southampton City
> Council may be monitored in accordance with the law
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Mohammad Saeed
> Sent: 14 December 2006 04:01
> To: Cisco certification
> Subject: Cisco VPN3000 DNS Problem
>
>
>
>
> Hi,
>
>
>
> My apologies for sending this off-topic message but would appreciate
>
> if some one can help in this issue.
>
>
>
> we have VPN3000 connected to internet with its public interface having
>
> unique IP. The VPN3000's public interface with private IP. VPN3000 HW
>
> client is functioning in Network Extension mode and IPSec tunnel is up
>
> from client to concentrator through Internet.
>
>
>
> Everything is working fine except the DNS. We can go to the internet
>
> from any where, behind the client or behind the concentrator, but when
>
> we give domain name like www.yahoo.com, its does not get resolved.
>
> DNS servers are configured Under group on concentrator and IP of DNS
>
> is reachable. So, somehow the concentrator can not get Domain name
>
> resolved from DNS server.
>
>
>
> DNS Servers I have given are DNS on the Internet, not local, shall DNS
>
> must be locally available for VPN3000 (on its private interface
>
> network)?
>
>
>
> Regards,
>
>
>
> Mohammad Zahed Saeed
>
>
>
> _______________________________________________________________________
>
> Subscription information may be found at:
>
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:38 ART