Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

The VPN Client on the inside is unable to access the web server on the inside by name, but it can access it by a real IP address

Core issue

The VPN Client's Domain Name System (DNS) server is also on the inside, and it is returns the global (translated) IP address of the web server.

Resolution

If the VPN Client, web server and DNS server are all located off the same interface on the PIX Firewall, then the PIX cannot doctor the DNS replies with the alias command because the replies do not pass through the PIX. The only solution is for the internal DNS server to respond to requests for the web server's name with the real IP address.

For more information, refer to Using nat, global, static, conduit, and access-list Commands and Port Redirection on PIX.

628
Views
0
Helpful
0
Comments