VPN, NAT on a Loopback and DNS Problem

garethbeattie · ‎03-30-2010

Hi,

I have a router setup to NAT internal clients via a Loopback. These internal clients are set to use a external DNS server. Browsing via ip address works fine, but trying via dns name doesn't. I have found a temporary solution to set the router as a dns server and have the clients set use that for their dns server. I am wondering what would be stopping the dns from working when the client is set to an external DNS.

Thanks

Federico Coto Fajardo · ‎03-30-2010

Hi,

I would remove these lines:

access-list 102 permit tcp 10.10.201.0 0.0.0.255 any eq domain
access-list 102 permit udp 10.10.201.0 0.0.0.255 any eq domain

Because the following line includes them already:

access-list 102 permit ip 10.10.201.0 0.0.0.255 any

If you manually set up a client to use DNS 4.2.2.2 for example, the user can't get out by name?

Federico.

garethbeattie · ‎04-05-2010

Hi Federico,

Thanks for your reply.

Yes that is correct. If the client attempts to use an external dns server the client cannot surf the web.

Thanks again

Federico Coto Fajardo · ‎04-05-2010

This is weird.

If the client sets an external DNS let`s say 4.2.2.2 or 8.8.8.8

If you do an NSLOOKUP www.google.com do you get the DNS reply with the corresponding IP?

According to the configuration, you should be able to get out to the Internet with a public DNS. Make sure that the client can ´´access´´ the DNS server.

Federico.