Hi,
I have an IPSEC tunnel from a remote site that accesses a particular host on the dmz. That host now also requires Internet access (not necessarily at the same time).
object-group service webservices tcp-udp
port-object eq www
port-object eq 443
port-object eq domain
exit
access-list dmz_nat_outbound extended permit tcp host Mantis_Pc any object-group webservices
I have configured this and I can access using the IP address but not using DNS. The PC is pointing at an external DNS server but I can't resolve any names.
2 questions: will adding Internet access for this PC break the VPN?
How can I allow DNS queries only from named hosts out to the Internet DNS server?
I looked at dns doctoring but that does not seem to apply.
Thanks