Yep. We had this issue with using PPTP as the VPN supplied DNS/WINS are appended to the end of the list. You can block DNS queries outbound from The concentrator through your FW ( which is a good Idea anyways ) that way the first 2 queries time out, and it is forced to use yours internally. Be careful of users that have a 3COM DSL/Cable FW. I have run into issues where it acts a proxy, so the clients will still be able to reach them, and they will relay the requests. Unfortunately, only remote traffic is sent over the VPN link. Local traffic is still sent our the Ethernet if it is present.
You can also switch to the Cisco Secure VPN Client 3.5x which will in fact "rip out" the old DNS/WINS entry and replace them with the concentrator supplied ones. I would recommend this approach as the performance gains are tremendous! Thanks Larry -----Original Message----- From: BH [mailto:[EMAIL PROTECTED]] Sent: Friday, May 17, 2002 2:54 PM To: [EMAIL PROTECTED] Subject: How to get internal dns w/MS vpn clients and 3005? [7:44401] Hi, I am using Cisco VPN3005 appliance for secured access with MS-Windows clients and cannot get dhcp supplied dns to overide any pre-existing dns server entries ( for instance, dns servers dynamically provided by a dsl provider). DHCP servers for base group client connections are set, tunnel-type is remote access and internal dns servers are configured to be used by all vpn clients. Anyone seen this before? Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44406&t=44406 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
