Can't connect to internal PC's through VPN using DNS name only IP addr

[dalew430]

I can connect through VPN tunnel and RDP to any internal machine by IP address, but not using DNS name. I also lose local Internet access while connected to the VPN. I set the VPN Client up using IPSEC over UDP and checked Allow Local LAN access.

 

[unclerico]

when you are connected in over vpn what do you have populated for your dns entries for your VPN adapter?? it sounds like you don't have split-tunneling enabled on the PIX side.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[dalew430]

The VPN adapter is showing the DNS server. I checked the configuration file and I don't see an entry for split tunneling. I'm hesitant to run the VPN wizard to add it since we have it working now. I'd like to be able to add split-tunneling through the CLI, but not sure what the command for that is.

 

[unclerico]

let me ask you this; when you try to ping is it by short name or fully-qualified??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[unclerico]

add this line to provide DNS resolution:

vpngroup NMAC default-domain <your_domain_name>

to enable split-tunneling add this:

access-list split_tunnel_acl extended permit ip 10.252.1.96 255.255.255.224 10.251.0.0 255.255.0.0

vpngroup NMAC split-tunnel split_tunnel_acl

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[dalew430]

I added the above to my configuration and the VPN stopped working. Once I deleted those entries I was able to connect through VPN.

 

[unclerico]

homie says what?? you couldn't connect at all??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[dalew430]

No ... I couldn't connect at all. Today I VPN in and was able to connect through RDP using DNS name ... strange huh?!