Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k

DNS Problem

Hi all I'm working on an NAC solution which is PacketFence but I'm unable to access to the internet:I got the error the dns is responding.

-The NAC solution is installed on a Centos 6.7 machine no DNS there

-The user authenticates using a Cisco 3560 Series configured as a layer 2 switch.the switch can access to the internet

-Finally we have a Cisco 2600 series connected to the internet.The DNS seems to work on the router but not from the authenticate user ,here is the configuration of the router : 

Current configuration : 1759 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Router2600
!
enable password 7 05080F1C2243
!
ip subnet-zero
!
!
ip domain lookup source-interface FastEthernet0/1
ip name-server 8.8.4.4
ip name-server 8.8.8.8
!
!
!
voice call carrier capacity active
!
!
!
!
!
!
!
!
!
mta receive maximum-recipients 0
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/0.1
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
!
interface FastEthernet0/0.30
encapsulation dot1Q 30
ip address 192.168.30.1 255.255.255.0
!
interface FastEthernet0/0.40
encapsulation dot1Q 40
ip address 192.168.40.1 255.255.255.0
!
interface FastEthernet0/0.60
encapsulation dot1Q 60
ip address 192.168.60.1 255.255.255.0
!
interface FastEthernet0/0.80
encapsulation dot1Q 80
ip address 192.168.80.1 255.255.255.0
!
interface FastEthernet0/0.100
encapsulation dot1Q 100
ip address 192.168.100.1 255.255.255.0
!
interface FastEthernet0/1
ip address 10.1.95.180 255.255.0.0
ip nat outside
duplex auto
speed auto
!
interface Ethernet1/0
no ip address
shutdown
half-duplex
!
ip nat inside source list NAT_TRAFFIC interface FastEthernet0/1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.254.254
no ip http server
!
!
ip access-list extended NAT_TRAFFIC
permit ip 192.168.0.0 0.0.255.255 any
!
!
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
line con 0
password 7 104D000A0618
login
line aux 0
line vty 0 4
password 7 00071A150754
login
!
!
end

1 REPLY

Hi

Hi

With your NAC solution, which vlan are provisioned to users? Who is doing DHCP?

Your router is not doing DHCP and then it will not be the point of failure of your DNS issues.


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
116
Views
0
Helpful
1
Replies
CreatePlease to create content