Cisco VPN client intercepts DNS



I'm running the Cisco client on my Fedora Core 2 gateway to connect to a 
peer site's Windows servers. However, I want to continue to use the BIND 
DNS server on the gateway to connect to the Internet. When the VPN is up, 
my DNS packets seem to get intercepted and replies come from the peer's DNS 
server instead of the outside authoritative servers that were queried. What 
can I do to get the client to leave my DNS alone? Is this a setting in my 
peer's VPN server that needs adjusting? What would I need to ask for?

(I don't need the DNS to resolve the peer's servers. I can enter those 
items in my own domain as I don't expect them to change frequently. I've 
already locked resolv.conf against change with chattr to prevent hijacking 
of my resolver when the client starts.)
Reply Kenneth 7/20/2004 11:32:51 PM

On Tue, 20 Jul 2004, Kenneth Porter wrote:

> I'm running the Cisco client on my Fedora Core 2 gateway to connect to a
> peer site's Windows servers. However, I want to continue to use the BIND
> DNS server on the gateway to connect to the Internet. When the VPN is up,
> my DNS packets seem to get intercepted and replies come from the peer's DNS
> server instead of the outside authoritative servers that were queried. What
> can I do to get the client to leave my DNS alone? Is this a setting in my
> peer's VPN server that needs adjusting? What would I need to ask for?

It depends how your VPN server is configured. If it is a PIX and you use 
vpngroups to configure access, then there is an option, split-dns, which can 
do what you want.

Oli
Reply Oliver 7/21/2004 6:12:32 PM
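
One way to confirm the symptom described in the question before asking the peer's administrator for a change is to pair each outgoing DNS query with its reply and flag replies that arrive from a server other than the one queried. This is an added example, not part of the original thread; the capture lines are constructed in `tcpdump -n port 53` style and all addresses are documentation or placeholder values.

```python
import re

# Constructed sample capture (not from the thread). The gateway 192.168.1.1
# queries two outside servers; 10.20.0.5 stands in for the peer's DNS server.
SAMPLE = """\
23:10:01.100 IP 192.168.1.1.32770 > 198.51.100.53.53: 1111+ A? example.org. (29)
23:10:01.130 IP 198.51.100.53.53 > 192.168.1.1.32770: 1111 1/0/0 A 203.0.113.7 (45)
23:12:40.200 IP 192.168.1.1.32771 > 192.0.2.53.53: 2222+ A? example.com. (29)
23:12:40.260 IP 10.20.0.5.53 > 192.168.1.1.32771: 2222 1/0/0 A 203.0.113.9 (45)
23:12:41.300 IP 192.168.1.1.32772 > 198.51.100.53.53: 3333+ MX? example.net. (29)
23:12:41.390 IP 10.20.0.5.53 > 192.168.1.1.32772: 3333 1/0/0 MX mail.example.net. 10 (52)
"""

LINE = re.compile(
    r"IP (?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): "
    r"(?P<id>\d+)\S* (?P<rest>.*)"
)

def find_mismatched_replies(capture):
    """Return (query_id, server_queried, server_that_answered) for every
    reply whose source address differs from the address the query was sent to."""
    pending = {}      # (client_ip, client_port, query_id) -> server queried
    mismatches = []
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not a UDP DNS line in the expected format
        qid = int(m["id"])
        if m["dport"] == "53":                      # outgoing query
            pending[(m["src"], m["sport"], qid)] = m["dst"]
        elif m["sport"] == "53":                    # incoming reply
            queried = pending.pop((m["dst"], m["dport"], qid), None)
            if queried is not None and queried != m["src"]:
                mismatches.append((qid, queried, m["src"]))
    return mismatches

if __name__ == "__main__":
    for qid, queried, answered in find_mismatched_replies(SAMPLE):
        print(f"id {qid}: asked {queried}, answered by {answered}")
```

This only catches redirection where the reply keeps the other server's source address, as the question describes; a device that rewrites the source address of the reply would not show up in this comparison.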