RE: VPN/DNS

From: Bill Wu (bwu@xxxxxxxxxxxxx)
Date: Mon Oct 22 2001 - 15:06:46 GMT-3


   
I think I have answered your first question. For your second question, you
can configure an ACL so that packets destined to private are sent to the VPN
tunnel and packets destined to public are sent to your ISP directly. Of course,
your DNS packets will be sent through the VPN tunnel to your corporate DNS
server in the central office.

Bill.

-----Original Message-----
From: tom cheung [mailto:tkc9789@hotmail.com]
Sent: Monday, October 22, 2001 10:15 AM
To: bwu@coraltech.com
Subject: RE: VPN/DNS

Bill,
What I wanted to achieve is to configure the remote router in such a way
that Internet traffic will hop off the ISP while corporate traffic gets
directed towards the VPN tunnel. For example, if someone wants to access
Yahoo.com, that traffic will be sent directly towards the ISP without having to
hit the corporate network at all. In other words, the VPN tunnel will carry
corporate traffic only.

Regards,

Tom

>From: Bill Wu <bwu@coraltech.com>
>To: 'tom cheung' <tkc9789@hotmail.com>
>Subject: RE: VPN/DNS
>Date: Mon, 22 Oct 2001 08:58:18 -0400
>
>I don't think you can configure 2 DNS servers. One DNS server is enough.
>Corporate DNS will resolve Internet name for you.
>
>Bill.
>
>-----Original Message-----
>From: tom cheung [mailto:tkc9789@hotmail.com]
>Sent: Friday, October 19, 2001 4:31 PM
>To: ccielab@groupstudy.com
>Subject: OT: VPN/DNS
>
>
>Group,
>I have a question about Internet access for a connection between a remote
>site and a central office using an IPSec/VPN tunnel:
>
>My thinking is that I'll set up a no-NAT tunnel between the two sites and
>direct intranet traffic over this tunnel, and let Internet traffic hop off
>via the ISP. At the remote site, I now have two DNS, from the ISP and from
>the private net. How do I set up the remote site so that name resolution
>for Internet traffic is directed towards my ISP's DNS and intranet traffic
>towards the Corporate DNS? Would you nail static routes to direct company
>traffic over the no-NAT tunnel and default route to the ISP to accomplish
>this?
>
>Many thanks and regards,
>
>Tom
>
>
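
The split-tunnel layout discussed in this thread, written out as a Cisco IOS configuration for the remote router. This is an added example, not part of the original messages; every address, ACL number, name and interface below is a constructed assumption.

```cisco
! Constructed addressing (assumptions, not from the thread):
!   remote LAN 192.168.20.0/24, corporate network 10.0.0.0/8,
!   corporate DNS 10.1.1.53, central-office VPN peer 203.0.113.1,
!   ISP link on Serial0 (198.51.100.2/30, ISP next hop 198.51.100.1)
!
! Crypto ACL: only remote-LAN -> corporate traffic is selected for IPSec.
! Everything else leaves Serial0 unencrypted, straight to the ISP.
access-list 110 permit ip 192.168.20.0 0.0.0.255 10.0.0.0 0.255.255.255
!
! NAT ACL: corporate-bound traffic is exempt from NAT (the "no-NAT" tunnel);
! Internet-bound traffic is translated to the Serial0 address.
access-list 120 deny   ip 192.168.20.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 120 permit ip 192.168.20.0 0.0.0.255 any
!
crypto isakmp policy 10
 encryption aes 256
 hash sha256
 authentication pre-share
 group 14
crypto isakmp key <PRE-SHARED-KEY> address 203.0.113.1
!
crypto ipsec transform-set CORP-TS esp-aes 256 esp-sha256-hmac
!
crypto map CORP-VPN 10 ipsec-isakmp
 set peer 203.0.113.1
 set transform-set CORP-TS
 match address 110
!
! Hosts get the corporate DNS server only. 10.1.1.53 matches ACL 110,
! so every DNS query, Internet names included, travels inside the tunnel.
ip dhcp pool REMOTE-LAN
 network 192.168.20.0 255.255.255.0
 default-router 192.168.20.1
 dns-server 10.1.1.53
!
interface Ethernet0
 ip address 192.168.20.1 255.255.255.0
 ip nat inside
!
interface Serial0
 ip address 198.51.100.2 255.255.255.252
 ip nat outside
 crypto map CORP-VPN
!
ip nat inside source list 120 interface Serial0 overload
ip route 0.0.0.0 0.0.0.0 198.51.100.1
```

No static route for 10.0.0.0/8 is needed here: the default route sends corporate-bound packets to Serial0, where the crypto map matches them against ACL 110 and encrypts them. Internet traffic from the remote LAN never crosses the central office, so any filtering or logging for it has to be applied on the remote router.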


