
DNS Not Working through IPSEC Remote Access

Hi,

I got a Remote Access IPSEC working on an XGS2300 (v19). It worked but was unusably slow. Sophos support suggested I disable "Use as default gateway" and explicitly add resources VPN clients could see.

I want them to see the entire LAN, and the XGS doesn't let me add zones to the "Permitted Network Resources" list, so I created a network called "LAN Test" and gave vpn clients permission to see it in the firewall.

I could see the network, but DNS is not working. I have tried defining the base of the IP range I set (10.242.4.1) and the gateway's LAN address (192.168.16.1). I cannot find where to point VPN clients so they can see DNS entries I have assigned to internal resources (fileserver, databases, etc).

In the screenshots you'll see an attempt I just made that didn't work (creating and adding a "vpn 242" network, thinking maybe it would allow VPN clients to see 10.242.4.1). But alas, no.

Any help would be appreciated. I'm soooo close.

Thanks,

Jeff

  



This thread was automatically locked due to age.
  • How do you check the non-working DNS?

    I would suggest using nslookup first (you may post the result).

    Which DNS did you configure for IPsec?

    You should try to configure the vpn-dns-suffix for your clients ... matching your internal dns-name.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • Thanks. Found the issue. The issue was there wasn't an issue. I'm in the office and was testing by opening a VPN from my phone so I would be connecting from a WAN address. But iPhones won't use the assigned DNS server when splitting tunnels. When I set up a hot spot and used my computer it worked fine.

    The problem was my test environment, not the gateway.

    Thanks,

    Jeff
