Dns-server / dhcp cisco 1700
Hi,
I wonder if i may run a few questions past you guys. We have a Cisco 1700 at one of our sites which is supposed to be managed but due to problems with the third party company i had to go there to perform some work.
I wanted to add in a dns server ip. Because i don't have the enable secret (Third PTY won't tell us) i used the break command normally used for password recovery. then once in used "copy start run".
Q. can i make config changes this way, save the changes then switch the config-register back and reload?
I managed to make the changes - Dhcp pool - dns-server ip's, right? changed the config-reg back and reloaded. No connectivity. anyway i messed around with different ip's eventually put it back to to original powered of for 5 mins and on again and it was ok.
Q: have i missed something out?
Q: could reloading or powering off and on to quickly affect thigs?
Q: Could the router be downloading it's config or something additional from a TFTP server? Is there anything i can check to confirm this on the config?
This is the dns part of the config all i want to do is change 1.0.84.187 for 84.33, should be simple?
ip dhcp pool 0
network 172.16.0.0 255.255.0.0
default-router 172.16.0.15
dns-server 1.0.84.8 1.0.84.187 158.152.1.43 158.152.1.58
domain-name parkside.net
lease infinite
Q: Is this part saying that 1.0.84.187 and 158.152.1.43 are not being used for dns?
no ip domain lookup
ip name-server 1.0.84.187
ip name-server 158.152.1.43
ip cef
no scripting tcl init
no scripting tcl encdir
Sorry i know thats long winded. Any help on any part of my problem would be much appreciated.
Kind regards
J mac
Hello,
check for any lines starting with ´boot´ in the upper part of the configuration, it is very well possible that the router is configured to boot a specific file, or from a TFTP server.
Regarding the change of the DNS server IP address, in DHCP pool configuration mode, first delete the existing line:
no dns-server 1.0.84.8 1.0.84.187 158.152.1.43 158.152.1.58
and reenter it:
dns-server 1.0.84.8 1.0.84.33 158.152.1.43 158.152.1.58
The DNS servers specified with the ´ip name-server´ command are used for non-DHCP clients.
Regards,
Nethelper
Similar Messages
-
NIS+, DNS server, DHCP
I have installed Solaris 2.8 with all the patches on a PC. I installed NIS+ populating the tables from the files included into the folder /nis+files. Now I want to install DNS server for a small local network made up by two hosts: a Window2000PC and a Solaris 2.8 PC. I want to use DNS server of Solaris 2.8 to test the functionality of a DNS client of the PC. And after I want to install DHCP to test the same funcionality . I should like to make things step by step, first with DNS server and after with DNS server together to DHCP server too, both installed on Solaris 2.8, coexisting .
On the network i have another host ,a router, that gives me the acces to Internet
How do i install DNS server on Solaris 2.8, and DHCP server ? Can someone help me ?
Thank you in advance
MarcelloHi Guys,
I want to thank all for the valuable information.
I thought of sharing my own comments.
I have two SunSparc Ultra10 machines. I want to network them together using a Linksys router (Cisco) so they could communicate and also to be able to access the Internet. I let the router to do the (DHCP) work, however; since the routher doesn't send hostname I always got 'unknown' and I need to have proper hostname to do my training work. So, I've read this page and I thought I could contribute the result of my work.
(assuming my hostname= sys41)
On Solaris 10, all what I did,
1. On /etc/hostname.hme0 .. I've added,
inet sys41
2. I've created /etc/nodename .. and added,
sys41
3. On /etc/default/dhcpagent .. added,
REQUEST_HOSTNAME=yes
actualy, it was there, I just removed the comment (#) and changed it from no to yes
and double checked that I have ,
PARAM_LIST=1,3,6,12,15,28,43
That's all, I didn't need to change anything else nor add any script file or anything.
The following files where not there on my Solaris10 machine,
/etc/init.d/network
/etc/init.d/inetsvc
On Solaris 9,
1. On /etc/hostname.hme0 .. I've added,
inet sys41
2. I've created /etc/nodename .. and added,
sys41
3. On /etc/default/dhcpagent .. added,
REQUEST_HOSTNAME=yes
actualy, it was there, I just removed the comment (#) and changed it from no to yes
and double checked that I have ,
PARAM_LIST=1,3,6,12,15,28,43
I had to add 15,6,28 on my Solaris 9
4. /etc/init.d/network
changed all 'unknown' to 'sys41' which is my hostname
5. couldn't find /etc/init.d/inetsvc !
Then I've deleted /etc/nodename on Solaris 9.0 and still worked fine ..
On Solaris 10, I've deleted /etc/nodename and it didn't work.
So, I guess for Solaris 10 /etc/nodename is very important .. For the Solaris 9, /etc/inet.d/network did the job !!
Hope my comments were helpful... Regards .. -
Dnsmasq sends out its own ip as dns-server dhcp option
Hi,
i have a gateway / dns server on 192.168.1.1
I have a dhcp server on 192.168.1.2 (dnsmasq)
I configured dnsmasq to look into /etc/resolv.conf (well, that's actually default behavior) and use that to specify dns server when replying to client dhcp requests.
However, it sends out its own ip instead, which is *not cool*.
# cat /etc/resolv.conf
nameserver 192.168.1.1
#nameserver 127.0.0.1
#nameserver 212.71.0.33
# edpnet
nameserver 212.71.0.33
# grep -v ^# /etc/dnsmasq.conf | grep -v '^$'
domain-needed
bogus-priv
dhcp-range=192.168.1.5,192.168.1.255,12h
dhcp-host=q700
dhcp-host=dieter-ws
dhcp-host=dieter-dellD620-arch
dhcp-host=gibran
dhcp-host=hilde-compaq-arch
dhcp-host=hilde-vbox-win
dhcp-host=BRN_0441B3
dhcp-option=option:router,192.168.1.1
log-dhcp
# cat /etc/hosts
# /etc/hosts: static lookup table for host names
#<ip-address> <hostname.domain.org> <hostname>
127.0.0.1 localhost.localdomain localhost
192.168.1.2 dieter-p4sci-arch server
192.168.1.3 q700
192.168.1.5 dieter-ws
192.168.1.6 dieter-dellD620-arch
192.168.1.7 dieter-delle5410-arch gibran
192.168.1.8 hilde-compaq-arch
192.168.1.9 hilde-vbox-win
192.168.1.10 BRN_0441B3 hl5250
178.79.146.162 dieter-linode1
# End of file
here's what I see in /var/log/daemon.log, when I start dnsmasq and do a dhcp request.
Note the discrepancy between what it says as "using nameserver" and what it actually tells clients.
Feb 12 18:10:50 dieter-p4sci-arch dnsmasq[2168]: started, version 2.55 cachesize 150
Feb 12 18:10:50 dieter-p4sci-arch dnsmasq[2168]: compile time options: IPv6 GNU-getopt no-DBus no-I18N DHCP TFTP
Feb 12 18:10:50 dieter-p4sci-arch dnsmasq-dhcp[2168]: DHCP, IP range 192.168.1.5 -- 192.168.1.255, lease time 12h
Feb 12 18:10:50 dieter-p4sci-arch dnsmasq[2168]: reading /etc/resolv.conf
Feb 12 18:10:50 dieter-p4sci-arch dnsmasq[2168]: using nameserver 212.71.0.33#53
Feb 12 18:10:50 dieter-p4sci-arch dnsmasq[2168]: using nameserver 192.168.1.1#53
Feb 12 18:10:50 dieter-p4sci-arch dnsmasq[2168]: read /etc/hosts - 10 addresses
Feb 12 18:10:56 dieter-p4sci-arch dnsmasq-dhcp[2168]: 2764941049 available DHCP range: 192.168.1.5 -- 192.168.1.255
Feb 12 18:10:56 dieter-p4sci-arch dnsmasq-dhcp[2168]: 2764941049 DHCPRELEASE(eth0) 192.168.1.5 80:ee:73:09:fa:94
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 available DHCP range: 192.168.1.5 -- 192.168.1.255
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 client provides name: dieter-ws
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 vendor class: dhcpcd-5.2.10:Linux-2.6.37-ARCH:i686:GenuineIntel
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 DHCPDISCOVER(eth0) 80:ee:73:09:fa:94
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 DHCPOFFER(eth0) 192.168.1.5 80:ee:73:09:fa:94
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 requested options: 1:netmask, 121:classless-static-route, 33:static-route,
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 requested options: 3:router, 6:dns-server, 12:hostname, 15:domain-name,
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 requested options: 26:mtu, 28:broadcast, 42:ntp-server, 51:lease-time,
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 requested options: 54:server-identifier, 58:T1, 59:T2, 119:domain-search
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 tags: known, eth0
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 next server: 192.168.1.2
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 1 option: 53:message-type 02
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 54:server-identifier 192.168.1.2
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 51:lease-time 00:00:a8:c0
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 58:T1 00:00:54:60
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 59:T2 00:00:93:a8
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 1:netmask 255.255.255.0
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 28:broadcast 192.168.1.255
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 6:dns-server 192.168.1.2
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 3:router 192.168.1.1
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 available DHCP range: 192.168.1.5 -- 192.168.1.255
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 client provides name: dieter-ws
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 vendor class: dhcpcd-5.2.10:Linux-2.6.37-ARCH:i686:GenuineIntel
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 DHCPREQUEST(eth0) 192.168.1.5 80:ee:73:09:fa:94
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 DHCPACK(eth0) 192.168.1.5 80:ee:73:09:fa:94 dieter-ws
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 requested options: 1:netmask, 121:classless-static-route, 33:static-route,
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 requested options: 3:router, 6:dns-server, 12:hostname, 15:domain-name,
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 requested options: 26:mtu, 28:broadcast, 42:ntp-server, 51:lease-time,
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 requested options: 54:server-identifier, 58:T1, 59:T2, 119:domain-search
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 tags: known, eth0
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 next server: 192.168.1.2
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 1 option: 53:message-type 05
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 54:server-identifier 192.168.1.2
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 51:lease-time 00:00:a8:c0
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 58:T1 00:00:54:60
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 59:T2 00:00:93:a8
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 1:netmask 255.255.255.0
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 28:broadcast 192.168.1.255
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 6:dns-server 192.168.1.2
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 9 option: 12:hostname dieter-ws
Feb 12 18:11:00 dieter-p4sci-arch dnsmasq-dhcp[2168]: 3497735943 sent size: 4 option: 3:router 192.168.1.11 yes, the dhcp server who's scope is full will not do a dhcp
'offer'
2 dhcp that answers fastest with a 'offer' will win. A delay is configurable (but changes nothing
about the root scenario were the fastest will win)
Note that if the scopes overlap on the servers, they might not lease out all the addresses in the scope.
I would enlarge the scope as you will want to fence against unavailability of one of the servers (or a network connection for that matter). you currently have more addresses leased out than any set of two of your servers can offer.
MCP/MCSA/MCTS/MCITP -
Can't specify DHCP DNS server ip with a 255 in it
I tried to add 64.102.255.44 a valid ip addres and a public DNS server to my DHCP configuration but the web interface says ip must be in the range 0-254. How can I report this bug?
Not sure which router you have, but I have a WRT54G V5 that I was able to add that IP address as a Static DNS Server without a problem....
You may need to call the Linksys/Cisco tech support number or use an online chat to report the bug...
Tomato 1.25vpn3.4 (SgtPepperKSU MOD) on a Buffalo WHR-HP-G54
D-Link DSM-320 (Wired)
Wii (Wireless) - PS3 (Wired), PSP (Wireless) - XBox360 (Wired)
SonyBDP-S360 (Wired)
Linksys NSLU2 Firmware Unslung 6.10 Beta unslung to a 2Gb thumb, w/1 Maxtor OneTouch III 200Gb
IOmega StorCenter ix2 1TB NAS
Linksys WVC54G w/FW V2.12EU
and assorted wired and wireless PCs and laptops -
Dear Community!
Could someone help me to fine-tuning DNS server configuration?
I'm configuring an IOS router act as a DNS server with the following parameters:
ip name-server [IP #1] [IP #2]
ip dns server
ip domain round-robin
ip domain name [domain.net]
The 1st DNS server is a public DNS server accessible from Internet, the 2nd one is a private corporate DNS server accessible from a site-2-site tunnel.
The client PCs at the remote end of the IPSec tunnel should query public DNS names from public DNS server, and the records of our private DNS domain.
Is it possible to configure a "policy" to query corporate DNS domain from a dedicated DNS server, and the other public DNS name from the public one?
Thanks in advance!
Best Regards,
Belabacsi
from Budapest, HungarySure, it's called DNS Proxy. It's not supported on all devices, so you'll have to check.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123relnt/800/rn830xc3.htm
DNS Proxy
In virtual private network (VPN), Point-to-Point Protocol over Ethernet (PPPOE), etc. PCs connected to the LAN may get Dynamic Host Configuration Protocol (DHCP) parameters including the IP addresses of the Domain Name System (DNS) server prior to the router connecting to the WAN to get the information over IP Control Protocol (IPCP). The objective with Proxy DNS (or caching-only name server) enables the router to receive DNS queries on behalf of the real DNS servers and proxy for the hosts on the LAN connected users. This enables the DHCP server to immediately send the hosts the router's own LAN address in lieu of the DNS server's IP address. The router forwards the DNS queries from local users to real DNS servers after the WAN connection comes up and caches the DNS records in response. Over the time, cache includes the DNS information most often requested by the local resolvers and this can reduce the overhead of packets to the WAN.
The router must obtain the correct DNS server information from the WAN in order for it to function as a proxy DNS server.
The global configuration command ip dns server enables DNS proxy server functionality on the router, and causes it to forward DNS queries to the actual DNS servers. The global configuration command dns-server address causes the router to respond to DNS queries with its own IP address.
HTH and please rate. -
Cisco 877W acting a a DNS server. Does it answer external DNS queries coming from the WAN
Hello,
I have a Cisco 877W running on my ADSL2+ service at home.
It is setup to act as a DNS server to answer DNS queries for my LAN and has the below commands as part of its configuration
ip dns server
ip dhcp pool LAN
network 192.168.2.0 255.255.255.0
default-router 192.168.2.254
dns-server 8.8.8.8
My question is, when I scan my WAN IP for open ports, port 53 (DNS) is open. Does this mean my router will be acting as a DNS server for anyone on the internet who directs DNS queries to my WAN IP?
If so, am I able to turn off port 53 towards the Internet, or do I need to add an an access-list to only accept queries from my internal network.
Thanks for your feedback.That's correct. The "ip dns server" command will answer queries on any interface.
Given that your DHCP server is telling your clients to use Google DNS and not your router, I would just turn the router's DNS server off with the "no ip dns server" command.
Setting up an ACL (and/or inspection or zone-based firewalling) on your Internet-facing interface is the best practice to protect your network in general, not just to prevent external DNS queries. -
Manually provided DNS server addresses are higher priority than DHCP's
Disclaimer: Apple does not necessarily endorse any suggestions, solutions, or third-party software products that may be mentioned in the topic below. Apple encourages you to first seek a solution at Apple Support. The following links are provided as is, with no guarantee of the effectiveness or reliability of the information. Apple does not guarantee that these links will be maintained or functional at any given time. Use the information below at your own discretion.
With the recent revelation of DNS server security issues, many have expressed a desire to use DNS servers they know to be secure rather than the servers specified by their routers via DHCP, which often are those of a particular ISP.
When you manually enter a DNS server address in Mac OS X Leopard's Network preference pane, the manually entered address(es) appear below any DHCP-provided addresses (which are shown in grey as they are unchangeable), leading one to assume that DHCP-provided addresses always have priority over any a user may specify.
However, a check of the /etc/resolv.conf file generated by Mac OS X shows that in fact user-provided DNS addresses will supercede any provided by DHCP.
As an example, if your router promotes itself as a DHCP server, its IP address, say "192.168.0.253," will appear, greyed out, in the Network->Advanced->DNS preferences pane.
If you then add, say, OpenDNS' addresses of "208.67.222.222" and "208.67.220.220," the preferences window will show:
192.168.0.253 (greyed out)
208.67.222.222
208.67.220.220
But the generated /etc/resolv.conf will show the order Mac OS X will actually reference the servers is:
nameserver 208.67.222.222
nameserver 208.67.220.220
nameserver 192.168.0.253
While this is non-intuitive, given how the addresses are displayed in the preference pane, it is exactly the way a user would hope things would work - allowing one to specify DNS servers to be used in lieu of any a router provides, especially handy if the router propagates the address of a DNS server that is having issues, that is untrusted or is simply overloaded or offline.
Do you want to provide feedback on this User Contributed Tip or contribute your own? If you have achieved Level 2 status, visit the User Tips Library Contributions forum for more information.That's very good to KNOW.
I figured it as such as I have some manual entries for the office and I don't use profiles, so it stays there when I go home.
I notice a slow-down when office DNS entries are used at home -as one would suspect.
I do like KNOWING that it's the case though - thanks for the info!
Scott -
Do I need to run local DNS server for NAT/DHCP to work?
Hello,
I'm coming across all kinds of explanations how to set up a server for public access, having a static IP and a pointed domain, but I have a dynamic public IP and don't need the server to be accessible through a domain name. I just want all the computers in my office to connect to the web over 1 cable connection. I've used Gateway Setup Assistant to set up NAT and DHCP and DNS and what not, but it didn't work out of the box. After some bootpd.plist fixes I now have DHCP working, it's handing out IP addresses, but all LAN connected machines cannot get onto the web, only the server can.
What am I doing wrong? Should I configure my DNS server differently? Or should it not be on at all, couldn't the local machines use my ISP's DNS servers?
Currently DNS is configured like this:
Settings are:
accept recursive queries from the following networks: localnets
forwarder IP addresses: (empty)
Zones are:
private. primary zone
134.23.24.in-addr.arpa. reverse zoneThough still a valid question for others I guess, I got my DNS working. The network preferences didn't have external DNS servers configured for the local network interface.
-
Why doesn't my airport express router issue proper DNS server address to DHCP clients?
I have an Airport express router (version 7.6.4). It was configured to connect to internet via a cable modem, acting as a router with NAT. This means it obtians WAN address from cable modem, and in LAN it assumes IP address 10.0.1.1 as a gateway, and issue IP address to my 4-5 wireless clients (MBA, iPads, PCs) vi DHCP.
However I recently encounter an issue, that the router no longer issues DNS server address obtained from Cable Modem(206.x.x.x) but instead tell every DHCP client to use router ip address (10.0.1.1) as DNS server. I was pretty sure before Dec 2013 it is issueing (206.x.x.x) to all DHCP clients.
Apparently now the Airport express is acting as a DNS server or as a DNS cache. This works sporadically and very often result in long DNS look up or DNS look up failure.
Is this a bug or is it supposed to do so? Any configuration can turn it off so Airport express will issue Cable modem obtained DNS server to DHCP clients?
My network otherwise works fine. for some of the Clients (e.g. one MBA) I configured DNS for it mannually and it's internet is working very smoothly.But this will be a problem for my ipad and iphone that uses wifi.
These devices either allow full DHCP. If you need to mannually enter DNS server, you will need to turn entire IP configuration to mannual and that will be a problem for me. -
DHCP giving out incorrect DNS server information
Migrated my ONLY DHCP server from a 2k3 server to a new 2k8 server and I cannot figure out why it wont give out the correct DNS server settings.
Here is what I have tried so far:
Stopped service on the old DHCP server and forced a /release /renew on the workstation.
Stopped service on both DHCP servers to see if there is some other DHCP server, computers wouldn't get any IPs.
If I setup a reservation for the workstation it will give out the CORRECT DNS settings.
Ran a GPO Policy result for the user and computer I'm testing and no IP configuration is configured at all for any GPO.
Other Information:
Only have 1 scope setup.
When I run a ipconfig /all it does show the DHCP server as the correct one (new server).
This problem was happening on the old server as well, I thought maybe migrating to a newer server would help but I'm getting the exact same results.
Thanks!Hi,
We can perform a network capture on the client. It will show the process of the DHCP.
Please check the DHCP offer message sent by the DHCP server and the DHCP request message sent by the client.
Make sure that the server gives the right DHCP setting.
If the server is giving the right setting, it should be a client issue. Please check the event log of the DHCP client.
If the server is giving the wrong setting, it should be a sever issue. Please check the configuration of the DHCP sever.
To download Network Monitor, please click the link below,
http://www.microsoft.com/en-us/download/details.aspx?id=4865
Best Regards.
Steven Lee
TechNet Community Support -
Hello,
I'm not sure how the following is working.
asa5525
anyconnect version 3.1
windows server 2008R2
When you come in via VPN I send clients to the windows server for DHCP/DNS info and records get created in the FLZ and RLZ. When folks disconnect from VPN those records in both FLZ and RLZ get purged instantly. When your on wired and disconnect those records in both zones do not get purged. I have my VPN scope and wired scope setup exactly the same. I'm new to managing DNS and DHCP and know there's a lot to learn but it seems odd that when leaving a VPN session those records fall off right away. I'm not sure if the ASA has something to do with it or the anyconnect client itself.
thanks for any help!
This topic first appeared in the Spiceworks CommunityHello,
I'm not sure how the following is working.
asa5525
anyconnect version 3.1
windows server 2008R2
When you come in via VPN I send clients to the windows server for DHCP/DNS info and records get created in the FLZ and RLZ. When folks disconnect from VPN those records in both FLZ and RLZ get purged instantly. When your on wired and disconnect those records in both zones do not get purged. I have my VPN scope and wired scope setup exactly the same. I'm new to managing DNS and DHCP and know there's a lot to learn but it seems odd that when leaving a VPN session those records fall off right away. I'm not sure if the ASA has something to do with it or the anyconnect client itself.
thanks for any help!
This topic first appeared in the Spiceworks Community -
Passing DNS server addresses through DHCP?
I'm setting up NAT & DHCP (both as a DHCP client & DHCP server) on a 2621. Since the DNS server address(es) are received on the router's interface configured as a DHCP client, is there a way to pass these (possibly dynamic) address(es) on the internal network clients? What I see in the DHCP server functionality is that the option specifying what DNS server(s) are passed on to clients is hard coded. If hard coding the option is my only choice, do I have any guarantee that the ISP will always use the same IP address(es) for its DNS servers?
Any insight would be appreciated.Thats exactly what the 'import all' command is for.
In your DHCP server, if you supply the command 'import all', it will seek the DHCP information that was given to it on the interface that has "ip address dhcp". It will store the information like DNS into your DHCP server, and then send that out to all devices receiving DHCP addresses from your server. -
Obtaining DNS servers automatically on Cisco ADSL routers;" not static dns with command dns-server x.x.x.x" ?
Ok Thank you Karsten
-
EA6400 Question. DHCP always sets router IP as first DNS server
Subj, is it ok? DNS server 10.2.2.1 removal from list does not changes situation.
DHCP client settings:
Current firmware 1.1.40.160989It makes no difference. Support has no complaints on this issue. But it is a pain in da a55 in conjunction with this
-
Hello!
I have this scenario on my small network with 10 PCs (connecting from outside to inside my network):
1) Modem with ADSL connection
2) Wireless Router with public IP on WAN interface
3) Switch
4) Server 2012 with DC/DHCP/DNS (with 2 NICs) and others servers/desktops machines
I want to share internet to servers and desktops.
I was able to share internet by 2 methods searching on google, but I am not satisfied with them:
First method - Using the Wireless Router and its DHCP Server
I turned on the DHCP inside the Wireless Router. All machines will get an IP and be able to go to Internet, but I don’t have the ability to control the DHCP and DNS in the router
how I would like to have, because the server DHCP and DNS must be turned off on Windows Server.
Second method - Using the Windows Server RRAS NAT, DHCP and DNS server
I have 2 NICs on the server:
NIC1 - CONNECTED TO SWITCH
IP: 192.168.1.1
MSK: 255.255.255.0
GTW:192.168.1.1
DNS:192.168.1.1
NIC2 - CONNECTED TO WIRELESS ROUTER
(the LAN IP of the wireless router is 172.16.0.1)
IP: 172.16.0.2
MSK: 255.255.0.0
GTW: 172.16.0.1
DNS: 172.16.0.1
After installing and setting the RRAS with NAT at the Server, the internet began to work on all machines but at some times the internet stop to load some
random webpages, and if you hit a couple of times the F5 button, the webpage open sometimes, but very, very slow.
I saw other people in foruns saying that RRAS is not very good, and could cause weird things at internet connection, so, now I think the internet is horrible
because of RRAS. After notice that internet is bad I tested it connecting a cable direct to the lan ports of the Wireless Router, and the internet works fast and perfect.
What is the best thing to do in my case to maintain Windows Server DHCP and DNS turned on and Internet be shared without loss of quality?
Thank you!Hi,
please deploy according to this network topology. please turn off DHCP from router and use internal NAT function to share internet. Detailed configurations:
Router part:
LAN address: 192.168.1.1/24
DHCP part:
scope name : site name
address pool: 192.168.1.3-192.168.1.254
scope options:
router:192.168.1.1
DNS server:192.168.1.2
DNS part:
configure a forwarder to point to the public DNS address such as 8.8.8.8
with these settings, you can maintain Windows Server DHCP and DNS turned on and Internet be shared via hardware router.
Regards,
Mike
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Maybe you are looking for
-
How do I embed pictures in e-mail?
I need to imbed pictures into my e-mail instead of attaching them. My daughter is in the navy and can not get attachments. I have tried copy and paste but unless I do that from an e-mail sent to me it doesn't work. == This happened == Every time Fire
-
Search response returning 100 items for all searches
Hi, In ATG 10 Search, I see wierd behavior while displaying the value of FacetSearchTools.searchResponse. Case #1 : total no. of products < 100 , responseCount = correct value AND all products displayed by paginating Case #2 : total no. of products >
-
Hi I have a summary report of customer activities in CRM system I need to fetch some pricing details from R3 system. Can anyone suggest me how to do this Thanks in advance kar
-
Calling an EJB throws an UNKNOWN exception
Hi EJB experts! I`m trying to call an EJB on OAS from Java application running within a JDeveloper. After several calls of remote method the application invokes the remote method again but exception java.rmi.UnexpectedException: CORBA: org.omg.CORBA.
-
I have a Nokia 9500 which I have never really used properly. However I have lots of telephone numbers on it and I want to put them into my Mac Book contacts. Can I sync the two up? I only need to do it once and then I am going to bin the Nokia as the