Cisco VPN / Firewall configuration
Scot L. Harris
webid at cfl.rr.com
Sat Jul 24 23:14:02 UTC 2004
On Sat, 2004-07-24 at 18:56, G-Love wrote:
> From the Cisco 2000 VPN Concentrator Configuration page:
>
> "In this section, you are presented with the information to configure
> the features described in this document. Split DNS parameters are
> configured under the group parameters on the Cisco VPN 3000
> Concentrator. Therefore, no configuration on the client is necessary."
>
> So all of the DNS information in configured on the concentrator side -
> no client side configuration necessary. I never had this problem when
> we used the older, 5000 series concentrators. Thinking about it, I
> believe that there was some DNS configuration necessary on the client
> side when first installing the client SW. Maybe I'll ask around if
> anyone else has seen this behavior, since an improper configuration on
> the concentrator side means others would see this behavior as well.
>
> -greg
Ah! Now that sounds better. From the other discussion I was beginning
to think that Cisco had a big hole in their VPN software. This sounds
like they use a similar scheme, the policy is set on the concentrator
and apparently transfered to the client. This would also apply to
configuration of the split tunnel setup.
--
Scot L. Harris
webid at cfl.rr.com
I used to be an agnostic, but now I'm not so sure.
More information about the fedora-list
mailing list