I think the answer to this will be, "It's supposed to work that way..." but here goes:
I've got a PPTP VPN server set up on my PIX, authenticating to RADIUS. Everything works fine, the attached client dials in, and can see everything on "Inside", "DMZ1" and "DMZ2". However, DNS will resolve public hosts, but the client can't get to them (ie. route back out thru the Outside interface). I need for this to function, so if someone gets email with a link to a public website, it will route properly, and the site wil come up.
Client is using the built-in VPN client supplied with Win2K
PS: Couldn't immediatly find a link to download the Cisco EZ-VPN client, I bet you can tell this client what networks you want to go thru the tunnel, versus sucking all traffic (0.0.0.0) into the tunnel..
Yeah, unfortunately, PPTP has no mechanism for split tunnelling and the PIX will not re-direct packets out the same interface where they were received. So, you are kinda hosed in this setup. The IPSec client (as you mentioned) can do split tunnelling. And as a matter of fact, moving to this kind of client connection will be a good idea as we move forward with PIX code. You can download the IPSec client here - http://www.cisco.com/cgi-bin/tablebuild.pl/vpnclient-3des
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :