[c-nsp] Cisco IPSec/VPN + DNS - Issue
Mark Tinka
mtinka at globaltransit.net
Mon Sep 14 06:47:12 EDT 2009
Hello all.
I'm having an issue with a Cisco IPSec/VPN connection that
won't seem to shake.
I connect to a 2811 Cisco router configured with the EazyVPN
infrastructure, using Cisco's VPN Client for Mac OS X 10.6.1
(the latest Cisco VPN client for Mac, 4.9.01.0180). The
router is running 12.4(24)T1 (using the "T" train to support
SSL/VPN's)
When I connect to the VPN server, all is well. But it's
guaranteed that after just about 10 minutes or so, DNS
queries no longer work. The VPN would still be up, and I can
connect to hosts via their IP address. DNS just bums out.
The workaround is to disconnect from the VPN server, and
reconnect it. Of course, this isn't much of a solution,
considering my IP address changes and I have re-establish
some of my sessions to things.
I'm seeing the same issue on my Windows XP Professional home
PC as well, so I can't chalk it down to Mac. Suffice it to
say, I've had this problem since I started using Mac, i.e.,
since Tiger.
Anyone else seeing this? I'm using public IP addresses off
the VPN server, so no NAT is going on. The DNS servers are
sitting off the public network at the remote end of the VPN;
changing them around hasn't yielded much.
The problem persists whether I connect to the VPN server
over UDP or TCP.
All help appreciated.
Cheers,
Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: This is a digitally signed message part.
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20090914/bc38c73a/attachment.bin>
More information about the cisco-nsp
mailing list