I'm sure there is something easy I'm missing, but I'm missing it. I have a lan-to-lan VPN established between a VPN Concentrator 3030 and an ASA something or other on the other side. I don't own the device on the other side. Because of an IP conflict I have established a static NAT so the other side connects to our 10.17.0.0/20 network as 172.31.0.0/20. This works great. However the problem I'm having is with DNS, they setup a conditional forwarder to point to our server at 172.31.0.x but naturally it responds with a 10.17.0.x for the names that it resolves and they can't connect to it because it isn't taking the NAT into account. We're using Microsoft DNS on both sides. Other than setting up a static DNS on the other side and populating it manually what is my best option?
Let me try a more straightforward wording. How do I enable DNS re-write on a lan-to-lan VPN between a VPN Concentrator and a PIX where the concentrator is using a static NAT for its traffic across the tunnel?
One more try. I just found out what I'm trying to do is called DNS Doctoring and I don't have any problem with it on my PIXes or ASA but trying to use the concentrator it doesn't work and I can't find ANY reference to it. I can't believe it isn't supported. Anyone?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...