Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
794
Views
0
Helpful
0
Comments

The VPN Client on the inside is unable to access the web server on the inside by name, but it can access it by a real IP address

TCC_2
Level 10
Level 10

‎06-22-2009 05:12 PM - edited ‎03-08-2019 06:24 PM

Core issue

The VPN Client's Domain Name System (DNS) server is also on the inside, and it is returns the global (translated) IP address of the web server.

Resolution

If the VPN Client, web server and DNS server are all located off the same interface on the PIX Firewall, then the PIX cannot doctor the DNS replies with the alias command because the replies do not pass through the PIX. The only solution is for the internal DNS server to respond to requests for the web server's name with the real IP address.

For more information, refer to Using nat, global, static, conduit, and access-list Commands and Port Redirection on PIX.

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents