[VPN] Re: Cisco VPN and split DNS

Tue Apr 11 07:18:47 EDT 2006

Thanks for the several replies.  (1) These are set by groups and we 
have them set that way.  The config is so simple it's hard to 
understand why it doesn't work (but see below).  (2)  Yes, the best 
answer (if we hadn't found the 'real' one) would have been to enter 
the local DNS list into the home DNS server, and that's where we were 
going, until....

Now, after all that, a colleague found a document somewhere on the 
Cisco site saying that Split DNS was turned off in 4.6.03.021.  The 
next versions, including 4.6.04.043, which I'm trying now, turn it 
back on.  Hm...

All well and good.  We didn't even think that the functionality could 
be missing in the release we were using, as we ran this by Cisco and 
all they said was to configure it in the concentrator, which is 
really one checkmark and one domain entry (the one to be sent down 
the tunnel).  I would have hoped that when they heard the version we 
were using, a red flag would have popped up.   Guess not.

Thanks, folks!

On 10 Apr 2006 at 11:18, Lee Sweet said:

From:           	"Lee Sweet" <lee at datatel.com>
To:             	vpn at lists.shmoo.com
Date sent:      	Mon, 10 Apr 2006 11:18:00 -0400
Subject:        	[VPN] Cisco VPN and split DNS

> Situation:  Branch office of ours needs to connect to home office for
> email and other resources.  They use Cisco VPN client version
> 4.6.03.0021 connecting to Cisco 3000 concentrators.  They also need to
> have simultaneous access to local resources.
8<snip>8> 

--
Lee Sweet
Datatel, Inc.
Senior Telephony and Communications Specialist
How higher education does business.

Voice: 703-968-4661
Cell: 703-850-2385
Fax: 703-968-4625
lee at datatel.com
www.datatel.com