Lan2Lan-VPN & DNS-ReWrite

We have the following problem:
OutsideA/LanA --- vpn ---- LanB/OutsideB
In LanA and LanB we have DNS servers. When a DNS-Query on LanB is to be rewritten through the LanA side, and vice versa, the DNS ReWrite doesn't work because of the NoNat setting for the VPN tunnel.
How do we get around this?
Cheers / Peter Stromblad

Are there any answers to this?  I am interested in a possible solution.

Similar Messages

  • DNS rewrite

    Hi All,
    I have internal servers on the same segment with internal machines.
    When I use an ASA to provide Internet, I can use a DNS rewrite function for the servers, so that the inside network can reach the inside servers with the private address (using a public DNS).
    So, for example I have an internal server 10.1.1.1
    I have the static NAT:
    static (inside,outside) 20.1.1.1 10.1.1.1 dns
    So, when an inside computer tries to get to mycompany.com, it sends a request to the public DNS, which resolves the public IP address, but when the reply comes through the ASA, the ASA then translates the DNS reply to the 10.1.1.1 address (and I can reach the server fine).
    My question is:
    Instead of an ASA, I have a Router 2821 12.4(24)T
    Is there a way to accomplish the DNS rewrite function on the router???
    ARENAS-CENTRAL(config)#ip nat inside source static 10.1.1.1 20.1.1.1 ?
      extendable  Extend this translation when used
      mapping-id  Associate a mapping id to this mapping
      no-alias    Do not create an alias for the global address
      no-payload  No translation of embedded address/port in the payload
      redundancy  NAT redundancy operation
      route-map   Specify route-map
      vrf         Specify vrf
      <cr>
    ARENAS-CENTRAL(config)#
    Or, is there another way to accomplish this task?
    Thank you!!
    Federico.

    Hi Federico,
    DNS doctoring, which is the feature you are looking for, is not supported on Cisco routers. As a consequence of your setup the local PC will try to access the server through its NAT address, which is also not possible on a Cisco router. This is because when NAT is configured we need to send the traffic from inside to outside to translate, and then to undo this translation it's a requirement that the traffic flows from outside to inside. All these requirements are based on the NAT RFC 1631; that's why on a Cisco router configured with static NAT you are not able to see a local web server through its NATted address.
    There are a few workarounds you can try on this kind of setup:
    WORKAROUND 1:
    Instead of using the public IP address, try to access the server through the private IP address. It's the most simple way to solve this issue.
    WORKAROUND 2:
    Configure one of your computers as a local DNS server and add a record stating that the only way to access the server is with the private IP address. Here is a useful link that explains how to configure a computer as a private DNS server:
    http://www.microsoft.com/technet/archive/windows2000serv/evaluate/featfunc/dnsover.mspx
    This is the best choice to do this configuration.
    WORKAROUND 3:
    Configure the router as a DNS server. The local network should point its DNS queries to the router and configure a local entry for that server. In this way, when the LAN tries to access the public domain of a local address, the router will provide them with the private IP instead of the public IP. Here are the lines needed to configure the router as a DNS server (you need at least version 12.2(4)T)
    config t
    ip dns server
    ip domain lookup
    ! public DNS server to forward queries to
    ip name-server X.X.X.X
    ! map the name to the private address of the server (Y.Y.Y.Y is a placeholder)
    ip host www.domain.com Y.Y.Y.Y
    WORKAROUND 4:
    There's something else you can do on each PC. You just have to edit a file that contains ALIAS for certain domain names pointing to an IP address. Of course, this only works when trying to access a server through the Domain Name, not with the IP address. The file is called "hosts". The Windows OS, before asking a DNS for a domain name checks this file to see if there is a shortcut to know the IP address belonging to the domain. On Windows 2000 and NT, it is placed in the following path (I think that also on XP you will find it as well):
    C:\WINNT\system32\drivers\etc
    You just need to edit it with NOTEPAD. Here is what you will find when you open the file:
    # Copyright (c) 1993-1999 Microsoft Corp.
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    # For example:
    #      102.54.94.97     rhino.acme.com          # source server
    #       38.25.63.10     x.acme.com              # x client host
    127.0.0.1       localhost
    This is why if you do a PING LOCALHOST on an MS-DOS window, you are pinging 127.0.0.1. You just need to add your domain name and point it to the private address of the server.
    WORKAROUND 5:
    Configure what is called NAT on a Stick in your router. This kind of special configuration "tricks" both the server and the LAN to believe they are talking with a completely different network, avoiding the issue related to the NAT. The problem with this configuration is that it is quite heavy on the router and does not always work, so I would discourage its use because the router will get involved in all internal conversations with the whole network, therefore resulting in too much work for the router. Another thing you need to keep in mind regarding this workaround is that this specific setup is not supported by Cisco.
    Regards,
    Rick.
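
The DNS rewrite ("DNS doctoring") that the two posts above describe, as an added example that is not part of either post and is not Cisco code: a Python sketch that parses a DNS reply and replaces the mapped address 20.1.1.1 with the real address 10.1.1.1 in its A records. The function names, the transaction id and the sample reply are constructed for illustration, and the empty-mapping case is a simplified model of the NoNat situation from the first post.

```python
import socket
import struct


def encode_name(name):
    """Encode a domain name as uncompressed DNS labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_response(qname, addresses, txid=0x1234):
    """Build a constructed DNS reply with one IN A record per address."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, len(addresses), 0, 0)
    question = encode_name(qname) + struct.pack("!HH", 1, 1)
    answers = b""
    for addr in addresses:
        # 0xC00C is a compression pointer to the question name at offset 12.
        answers += struct.pack("!HHHIH", 0xC00C, 1, 1, 300, 4)
        answers += socket.inet_aton(addr)
    return header + question + answers


def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:      # pointer: two bytes, name ends here
            return off + 2
        off += 1 + length


def a_rdata_offsets(msg):
    """Yield the offset of the 4-byte RDATA of every IN A record in msg."""
    try:
        _, _, qd, an, ns, ar = struct.unpack_from("!HHHHHH", msg, 0)
        off = 12
        for _ in range(qd):
            off = skip_name(msg, off) + 4          # QTYPE + QCLASS
        for _ in range(an + ns + ar):
            off = skip_name(msg, off)
            rtype, rclass, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
            off += 10
            if off + rdlen > len(msg):
                raise ValueError("truncated RDATA")
            if rtype == 1 and rclass == 1 and rdlen == 4:
                yield off
            off += rdlen
    except (IndexError, struct.error) as exc:
        raise ValueError("malformed DNS message") from exc


def a_records(msg):
    """Return the IPv4 addresses carried in the reply's A records."""
    return [socket.inet_ntoa(msg[o:o + 4]) for o in a_rdata_offsets(msg)]


def doctor(msg, nat_map):
    """Rewrite A records per nat_map {mapped: real}.

    Returns (new_message, number_of_records_rewritten). The message length
    does not change, because one IPv4 address replaces another in place.
    """
    buf = bytearray(msg)
    rewritten = 0
    for off in list(a_rdata_offsets(msg)):
        real = nat_map.get(socket.inet_ntoa(msg[off:off + 4]))
        if real is not None:
            buf[off:off + 4] = socket.inet_aton(real)
            rewritten += 1
    return bytes(buf), rewritten


if __name__ == "__main__":
    # Constructed reply from the public DNS for the name used in the post.
    reply = build_response("mycompany.com", ["20.1.1.1"])

    # static (inside,outside) 20.1.1.1 10.1.1.1 dns -> mapped 20.1.1.1, real 10.1.1.1
    doctored, count = doctor(reply, {"20.1.1.1": "10.1.1.1"})
    print("static NAT with dns keyword:", a_records(doctored), "rewritten:", count)

    # Simplified model of the first post: tunnel traffic is exempt from NAT,
    # so no translation applies and the reply passes through unchanged.
    untouched, count = doctor(reply, {})
    print("NoNat on the tunnel:", a_records(untouched), "rewritten:", count)
```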

  • VPN DNS (no clients) not working after installing SL; resolver w/ no domain

    Unfortunately, Snow Leopard has broken VPN DNS (thanks go out to Apple's QA department).
    I've tried several methods of "fixing it", but I end up seeing the following issue (output from scutil --dns):
    DNS configuration
    resolver #1
    domain : xxxx.cc
    nameserver[0] : 192.168.0.1
    order : 200000
    resolver #2
    nameserver[0] : 10.0.2.1
    nameserver[1] : 10.0.2.2
    order : 100000
    Notice how there is no domain on resolver #2. No matter what I do, I can't get one to populate. So, requests to my VPN domain never get to the correct DNS servers and my connections fail. I've tried manually specifying DNS servers and domains for the VPN connection, but the domain still doesn't populate. I've also tried removing all files under /Library/Preferences/SystemConfiguration/ and rebooting, however that only resolved an earlier issue with simply connecting to the VPN endpoint.
    Does anyone have any suggestions on how to populate a domain name in my second resolver?

    I hope someone can figure this out. I too am having a similar problem. It's been a threefold issue. First it took me 3 days to install Snow Leopard (disk kept ejecting during install), but once I got past that (with help from this forum) I got it installed. Once installed, SL broke my internet connections. Network preferences said I was connected to my router and online (Skype showed I was connected), but iChat and Safari wouldn't connect. Again I was able to find a workaround (not a true fix) on this forum, which was that I had to move my system config file to the desktop and reboot, forcing the Mac to create a new system config file for the internet. Now it would connect to my router and get on the internet. It did this like I was a brand new client connecting to my router. I had to re-enter the network key etc. Again, internet is now working; however, all my network profiles were gone. This now leads me to the 3rd and unresolved issue. I go through and re-enter my settings and things seem to work until I get to the VPN. I use the standard PPTP VPN connection and enter my settings exactly the same as before, and it appears to work. It connects with my server, but not my company "Intranet". It accepts my company DNS and search domains but does nothing with them. I can't view anything internally. This exact same setup worked flawlessly in 10.5.8. Am I missing something or did I do something wrong? Please help. Need to access company resources or I will have to downgrade back to Leopard.
    Thanks,
    Nate

  • VPN DNS Problem

    Hi Everybody
    302016 192.168.77.20          60817          FileServer_DNS          53          Teardown UDP connection 1003725 for outside:192.168.77.20/60817 to inside:FileServer_DNS/53
    I am getting this error on my asa 5505 firewall and VPN user is not getting through DNS Server.
    Any help will be appreciated

    Post the configuration, also what type of VPN are we talking about, anyconnect, clientless or IPSec VPN client? Did you check if the server is responding through captures, what are you querying???
    Value our effort and rate the assistance!

  • Anyconnect SSL-VPN - DNS Lookups (external) doesn't work

    Hello,
    I have issues with my SSL AnyConnect VPN setup on my ASA 5512-x. The VPN, split tunneling and NAT exempt are working fine and I can connect to internal hosts.
    However, external or internal DNS requests don't work on the clients (Windows, AnyConnect). I want full split tunneling, i.e. DNS requests should not go through the VPN.
    The DNS requests work through NSLOOKUP but not in ping or in any browser.
    (The config; request more if I've omitted something important.)
    ASA Version 8.6(1)2
    access-list vlan42-splittunneling standard permit 192.168.42.0 255.255.255.0
    ip local pool vlan42test 192.168.199.50-192.168.199.55 mask 255.255.255.0
    address-pools value vlan42test
    nat (any,any) source static any any destination static VPN-pool-range VPN-pool-range
    object network VPN-pool-range
    range 192.168.199.10 192.168.199.254
    webvpn
    enable Outside
    anyconnect image disk0:/anyconnect-win-3.1.04072-k9.pkg 1
    anyconnect enable
    group-policy vlan42-clientvpn-policy internal
    group-policy vlan42-clientvpn-policy attributes
    wins-server none
    vpn-tunnel-protocol ssl-client
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value vlan42-splittunneling
    default-domain value doesntmatter.local
    split-dns value doesntmatter.local
    vlan none
    address-pools value vlan42test
    vpn-group-policy vlan42-clientvpn-policy
    vpn-simultaneous-logins 20
    service-type remote-access
    tunnel-group vlan42-con-profile type remote-access
    tunnel-group vlan42-con-profile general-attributes
    authentication-server-group ah
    default-group-policy vlan42-clientvpn-policy
    tunnel-group vlan42-con-profile webvpn-attributes
    group-alias privatecloud42 enable
    group-url https://vpn.**.com/privatecloud42 enable
    I gladly appreciate your help. Thank you.

    I don't have experience with the ssl client and vista, but I do use the new Anyconnect SSL client with vista. All you need to do is upgrade the ASA to version 8. Hope that helps.

  • How to set iPad VPN dns

    I want to connect to my company VPN. After I log in to the VPN, I cannot use the DNS name to find my web application. It seems the DNS name can be resolved. But if I use another device, such as an Android system, it works without this problem.

    The following is the basic setup for DDNS on the AirPort using AirPort Utility v5x:
    AirPort Utility > Select the base station > Manual Setup >AirPort > Base Station tab > Edit ...
    Use dynamic global hostname (checked)
    Hostname: <enter your DDNS service domain here>
    User: <enter your DDNS user account name>
    Password: <enter your DDNS user account password>
    Click "Done."
    AirPort Utility > Select the base station > Manual Setup > Disks > File Sharing tab > Share disks over the Internet with Bonjour (checked)

  • PPTP VPN & DNS

    Hi, I have setup my server to host VPN using PPTP (cannot use L2TP due to router restrictions)
    The server is on a private IP and is in a DMZ from the router.
    The VPN client can connect to and authenticate to the VPN server. It can also ping the internal network. However, for some reason the DNS port is restricted. I get the following in my firewall log...
    Sep 21 14:35:08 mailgate ipfw[319]: 65001 Deny UDP 192.168.1.221:58302 192.168.1.2:53 in via ppp0
    Is there any reason why my firewall won't allow access to the DNS server?

    It can be done in the "Advanced" firewall rule settings in SA with a bit of testing.
    These are my old instructions (should work):
    Add an Advanced rule:
    Action: (Allow)
    Protocol: (Other...) ip
    Service: (Other...)
    Source:--------------------------
    Address: (Other...) 192.168.1.0/24
    Destination: ---------------------
    Address: (any) any (empty when you enter it - filled in by the GUI if you go back in) ??? Does it still do this?
    Interface: (Other) via ppp0 keep-state
    leave all other fields empty
    I don't like using 192.168.1.0/24 or 192.168.0.0/24 for the server LAN when using VPN.

  • VPN DNS Suffix

    Hi all,
    Pretty sure this question might have been asked before, so sorry in advance, but I can't see it by searching.
    I am trying to VPN into my Windows network using a PPTP connection on iPad but I don't get the domain suffix added and therefore struggle with a particular application installed on the network I need to use.
    I get the DNS server added OK and can establish a VPN connection just fine.
    I don't however get the suffix applied, and so when trying to access an application published via a web server internally I am struggling.
    Does anyone know if this is doable?
    Thanks in advance, Nik

    Hi,
    Thanks for the reply, I really appreciate the help. 
    I have the scope option set for adding the DNS suffix on my DHCP server already but I'm not sure iPads use this?
    I have a network app installed on the iPad and it tells me my IP address and the DNS server which all look correct.
    If I try and ping any server by just its dns name without suffix / FQDN then it fails.  If I add the suffix then it resolves.
    The problem is that the web application url redirects at some point and then causes the problem to re-appear  i.e. http://intranet.yourdomain.xxx works initially but then due to a redirect it tries to resolve a non fqdn url.
    Any other ideas?

  • Why doesn't VPN DNS override adapter DNS?

    There are DNS servers that help me get around my work network.  But when I'm away from the office I only want to use these DNS servers if I'm connected to VPN, else I want to pick up the default DNS.
    There's an option to configure DNS addresses for VPN connections.  However, these never get used as far as I can tell.  As long as the DNS server I want to use is missing from my adapter's (e.g. wifi or ethernet) DNS settings, I will not ever see the machines whose addresses are resolved by my work network's DNS.
    I've seen this reported other places but no solution.  Is it possible that this could be fixed in a future update?  As for now, I have to switch "locations" (i.e. Apple menu --> Location) instead of having one setting that works everywhere.  That, or use IP addresses instead of computer names.
    Alternatively, I'd like the DNS servers that I add manually to be *in addition* to the servers that are picked up automatically.  Right now, if I add my work DNS, then I also have to add a public DNS just to get to the internet when outside of work.  I'd like to add my work DNS to my ISP or home network's DNS.

    The problem is that when switching between networks the last DNS servers are cached.
    For example, say my work's DNS is 10.10.10.1 and 10.10.10.2. If you go home and connect to my wifi they should no longer be there and visible in the Network preference pane, but they are.
    The only way is to have different locations set or to do it from the command line
    networksetup -setdnsservers "Built-in Ethernet" "Empty"
    https://discussions.apple.com/thread/377247?start=0&tstart=0

  • VPN / DNS Settings on Time Capsule

    Afternoon Board!
    I've recently appled up after my Samsung died.  Got myself a 13" Macbook Pro and a 3TB Time Capsule for the wireless.   I'm based out in Abu Dhabi, UAE, and the internet is heavily censored along with not being able to download UK content for my Xbox360.
    I get round the internet censorship by using a VPN (Overplay.net), however I've recently read that it's possible to sack the VPN completely if I play around with the DNS settings.  The VPN also heavily throttles the internet speed (we go down from 16mb/s to around 3mb/s when using the VPN)
    I'd prefer to do this on the Time Capsule itself, since then any other device using the Time Capsule (our mobiles, iPads, Xbox, Apple TV etc), would then automatically be able to use the interweb as if based in the UK.
    However, I have no idea where to start with this, and would really appreciate any help you could provide.
    Thanks in advance,
    Brian

    Did you try changing the dns directly in the aztech.. that is the easiest way.
    You must be using it as a router.
    Change the primary dns server for whatever dns service you want to use.
    The TC is then in bridge mode.
    Is your TC the latest AC wireless version?
    If so you might find you are stuck.. I fixed up an earlier version TC to give the right DNS to clients for watching overseas TV but that is using the v5 utility. Since this is now not possible in the latest TC you might be stuck.. do you have a PC in the network.. you might find you can change it using the 5.6.1 utility from windows.. but I do not have latest version TC to check.

  • VPN + DNS-Enabler + Wide Area Bonjour = no success

    Hi,
    what I am trying to do is broadcast the bonjour services of my home network such as file sharing, iTunes home-sharing and the like through my VPN connection. Since I am not too savvy with networking related topics I bought "DNS Enabler Snow" since it advertises to provide wide area bonjour with a minimum of setup hassle.
    Now I am only getting so far that I can see my machine at home through VPN under "Network" in OS X. But I cannot connect. It always says "Connection Failed". Neither can I see my home iTunes library.
    In the "Domains" section of DNS Enabler I entered:
    Domain Name: <my DynDNS Domain>
    Primary DNS Server: <my DynDNS Domain>
    Host Name: <my DynDNS Domain>
    IP address: <the local IP address of the machine running DNS Enabler>
    In the bonjour section of DNS Enabler I entered:
    Service Type: afpovertcp.tcp
    Service Name: File Sharing
    Host: <my DynDNS Domain>
    Port: 584
    TXT: path=/
    Can anyone hint me at what might be wrong with this configuration?
    Thank you!
    Florian

    I think the problem with the current setup is the use of the DynDNS hostname for the AFP service's hostname. When you're connected via the VPN you are effectively on the same network, and so connections attempted to the external IP recorded by the DynDNS hostname will fail as it's not possible to loop back (for want of a better description) through the router. If you add a new A-record to the zone that points to the machine's internal IP address and then change the service to point to the new record it should work via the VPN.
    iTunes sharing won't work via this method as iTunes will only register and browse for services in the ".local" domain. The ".local" domain (a top-level domain like ".com") is only available via multicast-DNS. Multicast traffic as a general rule is not carried over a VPN (or the internet for that matter) as due to its broadcast nature it can quickly clog up and cripple a network.
    Hamachi unlike most VPN solutions presents itself as a virtual network interface that can carry multicast traffic which is why iTunes sharing works over a Hamachi connection. A cursory Google search tells me that multicast traffic can be carried over a OpenVPN connection with some additional configuration - your mileage might vary though.
    Wide-Area Bonjour works by adding an additional domain to the system that software can then use for registering and browsing services. Unlike regular Bonjour, Wide-Area Bonjour works over the internet as it's based on traditional unicast DNS with a few extensions for updating records in realtime and NAT-PMP or uPNP (one or the other is in pretty much every router) for automatically setting up port-forwarding. If NAT-PMP or uPNP is not available, services can still be browsed but cannot be registered (only services that can be accessed via the internet are advertised); it's for this reason that Wide-Area Bonjour won't work properly in concert with a VPN. Whilst most OS X software is written to just register and browse in whatever domains are available, there are some like iTunes that only register in the ".local" domain.
    You can find out more detailed information about these topics at http://multicastdns.org/ and http://dns-sd.org/. I'm happy to answer any further questions you might have either here or via email. If my Wide-Area Bonjour service sounds like a good fit for you, please drop me a note and I'll let you know when I open-up the service to new users again (slated for mid-March).

  • Interprovider MPLS VPN - "drop -- rewrite null"

    Hi,
    I have an interprovider VPN where a remote route is received on ASBR and forwarded to my AS PE but traffic coming from my PE is dropped because label forwarding is not installed:
    c2851-ASBR#sh ip bgp vpnv4 all la
    Network Next Hop In label/Out label
    Route Distinguisher: 3302:141141
    10.0.0.0/24 172.26.107.94 20/100192
    81.114.246.16/29 172.16.0.4 22/18
    192.168.0.0 172.16.0.4 21/16
    c2851-ASBR#sh mpls forwarding-table
    Local Outgoing Prefix Bytes tag Outgoing Next Hop
    tag tag or VC or Tunnel Id switched interface
    16 Pop tag 172.16.0.4/32 0 Gi0/1 172.26.0.2
    21 16 3302:141141:192.168.0.0/24 \
    0 Gi0/1 172.26.0.2
    22 18 3302:141141:81.114.246.16/29 \
    0 Gi0/1 172.26.0.2
    As you can see the label 100192 is not present in the mpls forwarding.
    If I create the vrf on the ASBR everything works correctly:
    c2851-ASBR#sh mpls forwarding-table
    Local Outgoing Prefix Bytes tag Outgoing Next Hop
    tag tag or VC or Tunnel Id switched interface
    16 Pop tag 172.16.0.4/32 0 Gi0/1 172.26.0.2
    20 100192 10.0.0.0/24[V] 488 Gi0/0.124 172.26.107.94
    21 16 192.168.0.0/24[V] 472 Gi0/1 172.26.0.2
    22 18 81.114.246.16/29[V] \
    0 Gi0/1 172.26.0.2
    Thanks
    S.

    The lab setup is quite simple:
    AS1 PE --ibgp-- AS1 ASBR (172.26.107.94) ----ebgp---- AS2 ASBR (172.26.107.93) --ibgp-- AS2 PE (lo0 172.16.0.4)
    From the AS2 ASBR the next hop for the internal route is the lo0 of the AS2 PE and the next hop for the AS1 route is the IP address of the btb interface (the ebgp peer is built on the directly connected interface). So no problem on the ebgp next hop.
    The label swap from 22 to 18 is unidirectional and is used for the traffic coming from AS1 PE directed to the AS2 PE for the destination network announced by AS2PE.
    From the AS2PE point of view there is no problem on the traffic forwarding (label 20 is imposed to the packet and this is the right behaviour) but AS2ASBR doesn't swap it with label 100192 because it is not in the mpls forwarding table. So I think that the problem is not on the PE but in the behaviour of the ASBR.
    s.

  • CISCO ASA 5505 Split Tunnel DNS with Site to Site VPN

    I have a working configuration for Site to Site VPN between our head office and a private AWS VPC instance.
    The tunnel is active and I can ping the IP address of the remote network and connect to the remote machines using the IP address, but we need to use the FQDN and not the IP.  We have a DNS server set up in AWS for any DNS queries for the remote domain name.
    My question is whether or not the ASA 5505 supports a DNS split tunnel for Site to Site VPN and how it can be configured.
    I cannot find where I can interrogate the DNS query to be redirected to the VPN tunnel when our domain name is used in a DNS query.  Thus, any pings I try with the FQDN of our servers in AWS are failing as they are going to the default DNS, which is the internet.
    Can anyone point me in the right direction on how to configure this DNS rewrite so that we can access our AWS private cloud using FQDN from our AWS domain rather than an IP address?

    Jose, your fix to problem 1 allows all access from the outside, assuming you applied the extended list to the outside interface.  Try to be more restrictive than an '...ip any any' rule for outside_in connections.  For instance, this is what I have for incoming VOIP (access list and nat rules):
    access list rule:
    access-list outside_access_in extended permit udp any object server range 9000 9049 log errors
    nat rule:
    nat (inside,outside) source static server interface service voip-range voip-range
    - 'server' is a network object *
    - 'voip-range' is a service group range
    I'd assume you can do something similar here in combination with my earlier comment:
    access-list incoming extended permit tcp any any eq 5900
    Can you explain your forwarding methodology a little more?  I'm by no means an expert on forwarding, but the way I read what you're trying to do is that you have an inbound VNC request coming in on 5900 and you want the firewall to figure out which host the request should go to.  Or is it vice-versa, the inbound VNC request can be on port 6001-6004 ?

  • DNS not working with VPN

    I've done my best to search for an existing discussion on this topic, but couldn't find anything conclusive or exactly the same.
    I'm brand new to Apple and OS X Server, but think I have made good progress with this one exception.
    Setup: XServe with OS X Server SL setup as a Gateway directly behind an ISP/Cable modem. WAN configured and connected to the ISP, and one LAN with the default setup at 192.168.1.x (DNS at 192.168.1.1). I used the Gateway Assistant to get basic network settings initially configured, including DHCP, Firewall, DNS, and VPN.
    I'm using DNS with a single primary zone for internal domain purposes and forwarders for Internet resolution. I have customized it to include various machine records within my LAN. Outside of the LAN, DNS is handled at register.com to point all traffic to my servers WAN IP.
    In short, when connected directly to the LAN, all works like a charm. Internal DNS handles everything perfectly, and connects to the Internet for everything else.
    However, when I connect to my environment from the Internet via VPN (L2TP and PPTP) and a Mac OS X SL client machine, DNS doesn't seem to function and I can't even ping my DNS server by IP (192.168.1.1). Any attempts to ping any resource by name, including my primary zone's FQDN, fail/timeout. I can only ping other LAN resources by IP.
    Not sure if this is useful or a valid test, but when I establish a VPN connection while on the LAN, everything works great and as expected, and I seem to get the exact same network settings assigned by the server as when coming from the Internet.
    Just not sure where to go from here? I seem to be on the LAN via the VPN, just can't really use it effectively if I can't leverage internal DNS.
    Any suggestions would be much appreciated.

    Have you manually entered your server DNS in the VPN DNS settings tab of your client machine? This may not be applicable to you as we use a hardware VPN router as we never could get the Mac VPN working. However, if I connect to our VPN without the DNS entered in my PPTP config I experience a similar issue as you. I can access our shared AFP, ping IPs, but not resolve domains. To fix this I put both our primary and secondary internal DNS plus search domain in the System Preferences/Network/VPN(PPTP)/Advanced/DNS tab of my PPTP connection.
    Also I noted that if you have multiple configurations under one VPN interface, all configurations will be set to that DNS. To get around this I had to add multiple VPN interfaces for my various VPNs instead of using multiple configurations under one interface.
    Not sure if this will help but it's what worked for me. I am new to Server as well and have been using trial and error setting up a couple of Mini Servs. It took me a while to break enough things to figure it all out but I now have a slick little setup.

  • DNS VPN SBS2003

    I am connecting to my computer at work through VPN > Remote Desktop
    The problem is once I have connected to VPN I can only reach my computer by entering my work computer's IP address and not computer name.
    Our server uses 2 nics and I have been told to enter the internal IP address of the server as the DNS under Network > VPN > DNS. However as soon as I connect via VPN the server's DNS number is automatically entered into Network > VPN > DNS and it is grayed out so I can change or remove it.
    I have obviously misunderstood something but what?
    Rich

    (Background: Issues with resolution of network domains while connected via VPN (PPTP, in this scenario's example) using Mac's Network Client using the "DNS Servers" and "Search Domains" tabs to add additional functionality to the Network client. Are these broken or are we all doing something wrong?)
    I am having almost the same issue and have tried just about anything; however, my issue is different in that the IP address I enter for my company's primary internal DNS server "sticks" in the VPN connection settings (after I apply the settings and connect successfully). BUT, domain names still do not resolve. I know they are correct.
    It does add the secondary and tertiary DNS Servers for my company, in grey (because I do not enter them, I presume?), but the primary DNS server remains in black throughout.
    Now the funny thing still is nothing ever resolves. I have enabled IP-Forwarding, to no success ( per http://discussions.apple.com/thread.jspa?messageID=7530699&#7530699 ). I know I can edit /etc/hosts file, but I do not feel like I should have to resort to that as a work-around. This function is there for a reason and it should work.
    My company's servers are Microsoft, so this is a PPTP connection. I am NOT sending ALL TRAFFIC OVER VPN (and I do not have to for this to work).
    I have attempted entering:
    company.local and also
    company
    in the "Search Domains" box as well. This also did not fix the issue (I applied/saved/disconnected/reconnected). Nope nothing.
    10.10.10.52
    I use either, for example:
    http://foo
    or
    http://foo.company.local
    And have even tried
    http://foo.company
    or http://foo.company.local.com (just to be sure)
    However, on a Windows P.C. I know functions, remotely over VPN, correctly simply as:
    http://foo OR http://foo.company.local
    (And yes, company.local is just a placeholder for the real deal...)
    So why won't it work from my MacBook Pro? I've seen a lot of posts here about this and they all seem to end up giving up.
    It works on my Linux machine and Windows machine...just not Mac OS X current. It's strange. And it's just simple ole' reverse DNS (domain retrieval) over PPTP VPN.
    I am very grateful for your time and assistance should you choose to accept this mission! It will help numerous other people too, I am sure (if you just search this board, you will see...).
    Thank you again for your time.
    Sincerely and thankfully,
    Craig Huffstetler -aKa- xarquid
    #mysql [] #apache -|- freenode irc
    Any help would be greatly, greatly appreciated.
    Notes:
    This has been tried Wireless and Wired.
    It has been tried using multiple locations and routers. All unsuccessful (like the above).
    IPs work, adding to the /etc/hosts file work fine too, etc. -- just not using the Mac VPN Connection Networking Tool...
