Can someone help me on this. How do I verify that the client has got the split dns strings from the server. "sh crypto ipsec client ezvpn" doesn't show that.
I am not able to make split-dns work. With regards Kings On Thu, Oct 22, 2009 at 10:15 AM, Kingsley Charles < [email protected]> wrote: > Hi > > I am trying out EzVPN with split dns. > > On the IOS EzVPN server, the split-dns is "test.com" > > crypto isakmp client configuration group mine > key cisco > dns 10.20.30.40 > pool mine > split-dns test.com > split-dns www.win2003.com > > I have connected IOS router as a client and brought up the tunnel with > network extension mode. > > Now, if I try to ping www.test.com from the EzVPN client (IOS router), it > sends the DNS request to the internet DNS server (configured with "ip > name-server"). > > But actually, it should have sent the DNS request to "10.20.30.40", the DNS > server that was sent by the EzVPN server right? > > Also I also don't see the split dns list in "sh crypto ipsec client ezvpn": > > client#sh crypto ipsec client ezvpn > Easy VPN Remote Phase: 8 > > Tunnel name : mine > Inside interface list: Loopback0 > Outside interface: FastEthernet0/0 > Current State: IPSEC_ACTIVE > Last Event: MTU_CHANGED > DNS Primary: 10.20.30.40 > Save Password: Disallowed > Current EzVPN Peer: 172.16.32.43 > > Sorry, I can't share my configuration. But this is straight forward. > Please share your inputs. > > > With regards > Kings >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
