Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Replacing NetGear with Cisco and have big Problem.HELP!!

So here is the situation

I'm replacing a netgear prosafe or something at the head office with a Cisco 1800. I had a few VPN tunnels coming into it connected to other offices/vendors and the tunnels worked fine.. In my main office I have a Domain controller that is the main DNS Server for our internal network. It also our external Facing DNS Server as well ( I know I know) I just inherited it.. So everything works fine with the netgear. When I configure the 1800 and get it working, the tunnels come up and everything is good, except for one thing.. I have an office with an XP Machine and a small netgear router with a vpn tunnel to the main office where the DNS Points to 10.51.44.9 which is the IP of the DC. Once the Cisco was put in it could not query that DNS server at all. I have the nat statement..

ip nat inside source static udp 10.51.44.9 53 interface FastEthernet0/0 53 in the 1800 to allow for outside access to this DNS Server. When I take it out. DNS works fine again on the XP Machine.. the problem is I can't leave it out or everything will stop working..

Any ideas?

8 REPLIES
New Member

Re: Replacing NetGear with Cisco and have big Problem.HELP!!

Anyone Please??

Re: Replacing NetGear with Cisco and have big Problem.HELP!!

Please attach your config.

New Member

Re: Replacing NetGear with Cisco and have big Problem.HELP!!

Here you go

Re: Replacing NetGear with Cisco and have big Problem.HELP!!

Can the remote site acces your web server @ 10.51.44.9 when using the vpn ?

New Member

Re: Replacing NetGear with Cisco and have big Problem.HELP!!

not unless i take this statement out

ip nat inside source static tcp 10.51.44.9 80 interface FastEthernet0/0 80

Re: Replacing NetGear with Cisco and have big Problem.HELP!!

The easy way out is to use the "outside" IP adresse to reach the DNS and other server from your remote site.

If you all your router were cisco, you could do a GRE IPsec tunnel and avoid this nat issue...

Or...to make this work, you would need a static outside address.(not the interfae)

New Member

Re: Replacing NetGear with Cisco and have big Problem.HELP!!

i tried that but DNS Still dosent work right ie cant join the domain etc

New Member

Re: Replacing NetGear with Cisco and have big Problem.HELP!!

I have a similer config where we have replaced a sonicwall with a cisco 877 (just temp, eventually to be upgraded to a 1841) Our VPN's do the same thing. We anything which is port forwarded gets lost in translation (literally). I have attempted: http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml However this did not work for me... Is the only option to get a second public IP to terminate the VPN on?

153
Views
0
Helpful
8
Replies