Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Trouble with DNS resolution on VPN Concentrator

I have installed a new VPN Concentrator 3005 and am having trouble getting DNS resolution. Below is an event log when I try to ping by name.

2771 10/10/2003 16:55:37.530 SEV=4 DNS/6 RPT=358

Unable to resolve hostname:

I have an internal DNS server that works perfectly when I use it to resolve names at a workstation. I also added an external DNS server as the secondary DNS server in the configuration settings Configuration -> System -> Servers -> DNS.

This unit has the same filters applied that the unit had when it was fresh out of the box.

Any ideas as to why the unit can not resolve DNS names would be of great help.

Cisco Employee

Re: Trouble with DNS resolution on VPN Concentrator

The Public interface has th epublic filter applied ot it by default. This filter is very restrictive nd only allows encrypted type packets in (ESP, PPTP, L2TP, etc) and pings. You'd have to create rules for DNS traffic and them add them to the public filter for an external DNS server to work (under Config - Policy Mgmt - Traffic Mgmt - Rules and Filters).

As for why your internal DNS server doesn't resolve properly, I have no idea. Check to make sure the private filter or no filter is applied to the private interface, and that the private filter (if applied) hasn't been changed from its default rules of Any In and Any Out (under the same section as above).