I have several VPN sites terminating on a 5510 firewall. all work fine but i cant get the traffic from the VPN sites to communicate with a server on a dmz on the same firewall.
a packet trace from the outside to the dmz shows this:Type: VPNSubtype: encryptResult: DROP
ive configured access to the dmz the same as to the servers on the inside. I can get to the inside servers ok.
My client has MPLS network via eBGP to communicate with all the sites. Here is the basic config on the router.router eigrp 65210.neighbor 192.168.1.2 remote-as 13939
When they installed the internet on the local router, and added the static route on the router to hit the internet, they need to add the static route (2nd one) to communicate to the other sites.
ip route 0.0.0.0 0.0.0.0 75.75.75.1
ip route 192.168.0.0 255.255.0.0 192.168.1.2
ip route 172.20.0.0 255.255.0.0 192.168.1.2
They want to route all the traffic out thru the local intenet besides their private networks ( 192.168.0.0/16 and 172.20.0.0/16). Are there ways not to add last two static routes and communicate the other sites via eBGP?
I am wondering if this is possible. We have multiple internet connections with fixed IP's coming into the office. We'd like to use one for FTP backup and another to service our websites. From what i have read a 5510 doesn't do policy based routing, but we'd like to configure our ftp server to use one of the internet pipes and our webserver to use another internet pipe. Is that possible?
We'd have two outside fixed IP interfaces and two internal interfaces. I could then use one of the internal interfaces for the web server and the other for the FTP server. consequently if the internal web server and FTP server use the fixed IP"s corresponding DNS server wouldn't that effectively route all FTP traffic out one interface and all web traffic out the other?
Then the FTP traffic would be NAT'ed to an internal interface and the HTTP & HTTPS traffic would be NAT'ed to a separate internal interface.
Then if each of the internal servers used the corresponding internal NIC on the ASA as it's gateway and the fixed IP's that correspond to the external DNS server, then it would affectively only use that gatway out for traffic? Would that work? Does it should route traffic out those pipes correct? Will the asa support two different next hop routers for the two different interfaces?
I have two VLANs set up on a Catalyst 2950 switch: VLAN 1 (192.168.1.x) and VLAN 2 (192.168.2.x). VLAN 2 can ping the router on the 192.168.1.x network and nothing else, which is what I want. However, computers on the 192.168.1.x network can ping computers on VLAN 2, which is what I do not want. I want to make it where VLAN 1 and VLAN 2 cannot communicate with one another, but that VLAN 2 can still ping the router on VLAN 1. I've read about access control lists and ip tables
View 3 Replies View Related I have a LAN with several linux boxes (Fedora 17, both 32 and 64 bits), as well a a WInXP box. All of these are connected to the same switch, which is connected to the inside port of my PIX 515.
For a few sites (mozilla.org happens to be one of them), for http access, the tcp connection is established, but the "GET" request - or anything else for that matter - will not go through the PIX (from inside to wan). I have verified this by first, using wireshark to watch the packets being sent out from the client box, then by using the trace function in the PIX to see that the packets ARE arriving at the inside interface, but ARE NOT sent out of the wan interface.
This is for the linux boxes ONLY. When I do the same thing with my WinXP box, all works: in the PIX trace, I see the packets arrive at the inside interface, and leave the wan interace. And access to these sites are okay.
(What's a bit weird, although somewhat expected, when I connect my android phone to my LAN via WiFi, it too is unable to reach those sites - but then again, android is linux, right?)
In addition to the tracing, I have narrowed this problem down by connecting a linux box directly to my DSL router, then replacing the PIX with a simple router/gateway. Both of those solutions work.
Some background:
I have been using this PIX for about 10 years now, with the same configuration (except IP addresses). Only in the last several months has this problem started to show up.
I got this pix from a dead company at a really great price (free), so I'd like to keep it, and not have to spend money on something else. I don't have any support license, and have not been able to get any software upgrades. Here is its version info:
taz(config)# sho ver
Cisco PIX Firewall Version 6.2(2)
Cisco PIX Device Manager Version 2.0(2)
Compiled on Fri 07-Jun-02 17:49 by (code)
Serial Number: 405200362 (0x1826ddea)
Running Activation Key: 0x38ac31f3 0x0630df47 0x9a77b805 0x8bc39a60
PS: Since this PIX is at its end of life, I was wondering if any of the software upgrades would be now available without a license?
We have a Cisco 2921 router at the head office (Easy VPN Server) and been deploying Cisco 887VA (EasyVPN remote - Network Extension) for remote offices using EasyVPN. We are allowing Voice and Data traffic over VPN. Everything has been working great until this issue was discovered today:
When a remote user behind Cisco 887VA calls another remote user also behind Cisco 887VA, the call connects and Avaya IP phone rings but no voice in either direction.
Calls to/from head office and external mobiles/landlines are fine. Only calls between two remote sites are affected. As there is no need for DATA connection between Remote office, our only concern is Voice support.
I think "hair-pinning" of traffic over VPN interface is needed. (Examples configs etc).
Upon trying to perform device discovery in LMS 3.2.1, we encountered this error stating "Cannot communicate with JRM Server."
View 1 Replies View RelatedI've been having a problem with my browser lately, Its really slow and it turns out I have 1000 ping average ...the ping does up and down some times its 1 or 2 sometimes 500 . any way I get this msg when I use the diagnose option " Cannot communicate with DNS server(196.40.3.9) .
View 14 Replies View RelatedHaven't been able to connect to the internet for the whole day,This is what I get when I run ipconfig in the cmd, tried doing the two resets but it won't work!
Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:UsersFelicia>ipconfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Michelle-PC
[code]....
I have an ASA 5510 working in Routed mode for a company with the following networks. everything works fine as desired. Below are the interfaces, security and ip addresses .
Ethernet0/0 DC_SERVER security-level 100
ip address 172.16.11.12 255.255.255.0
Ethernet0/1 Branches security-level 50
[Code]....
I recently set up our new Cisco Linksys E1000 router (we originally had a Belkin, but it is dying). It works perfectly fine on my desktop. However, there is only a "local connection" on my mom's laptop, a Toshiba Satellite running Vista. Diagnosis: Cannot Communicate with Primary DNS Server (68.105.28.12). I've read a bunch of other posts on many websites but so far nothing has worked.
View 3 Replies View RelatedMy friend and I bought Acer Aspire 5741's about 9 months ago and neither of us has had any problems until now. My friend went to connect to the internet via wireless router yesterday to find that there was limited connectivity (no internet access). We assumed it was a router issue and I gave her a number of things to check but all seemed ok with it. I went to her house to look at it today and when I ran the connection troubleshooter got "windows can't communicate with.......... (DNS server)". I connected my laptop via her router and everything was fine. I brought her laptop back to my house and tried to connect to the internet via my router and got exactly the same 'DNS' message - my laptop again connected without any problem.
I have re-booted the routers, laptops, network adapters etc and also checked the wireless adapter settings on both laptops, which appear to be the same. I have re-set the TCP/IP stack and have also tried ipconfig /release and /renew - none of which seems to have made any difference. The results of ipconfig/all are:-
Windows IP Configuration
Host Name . . . . . . . . . . . . : Debbie-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
[code]....
I had my broadband installed and activated and I'm using my laptop with vista I've used it before with wireless Broadband and was fine but now I'm having trouble using the Internet, wifi is on and it is showing as connected to the router but when I open the web browser it is unable to connect, I used diagnostics and it comes up with the following:Cannot communicate with primary DNS server 194.168.4.100
View 5 Replies View RelatedProblem: No internet connection. 'Can't communicate with primary DNS server'Information: I am using a Windows 7 64 laptop (LAN connection) to connect to the internet. Two days ago this stopped working (after working fine for 3 months). Using windows troubleshoot I receive the message 'Can't communicate with primary DNS server'. I have checked the IPv4 and IPv6 and they are all set to automatic.I then tried to reset this using Microsoft 'fix it solution' as indicated Can't communicate with Primary DNS Server this still had no luck.I have also tried,
Reset WINSOCK entries to installation defaults: netsh winsock reset catalog
Reset IPv4 TCP/IP stack to installation defaults. netsh int ipv4 reset reset.log
Reset IPv6 TCP/IP stack to installation defaults. netsh int ipv6 reset reset.log
and ipconfig/ release and ipconfig/ renew none of this has made any difference. I can successfully ping the default gateway but cannot ping google. All packets time out.Additional information: Using an older laptop I am able to successfully connect to the internet on the same line. Also the laptop that is not working does work fine at work. So I don't even know if the problem is with the hub or the laptop.
My wireless connection showed connected but Internet Explorer kept showing the page cannot be displaced. When I clicked the diagnose connection problems, the message kept coming back with "Cannot communicate with primary DNS server (65.32.5.111)".
View 7 Replies View RelatedI'm having an absolute nightmare trying to get my laptop to connect to the internet. It will connect to our home network (virgin media cable broadband) locally but won't connect to the internet. I've tried a few of the fixes I've read on here such as changing the DNS settings myself but it's going nowhere.I can connect to other networks for example my parents virgin media network and the other laptops and my ps3 can all connect to our internet just fine so I really don't understand why mine isn't working.When I diagnose the problem it says "Cannot communicate with Primary DNS Server (194.168.4.100)" and underneath it says "Network diagnostics pinged the remote host but did not receive a response"
Here is the System info:
Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft� Windows Vista� Home Premium , Service Pack 1, 32 bit
Processor: Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz, x64 Family 6 Model 15 Stepping 13
Processor Count: 2
RAM: 2037 Mb
Graphics Card: Mobile Intel(R) 965 Express Chipset Family, 448 Mb
Hard Drives: C: Total - 183238 MB, Free - 27189 MB;
Motherboard: Sony Corporation, VAIO, N/A, N/A
Antivirus: AVG Anti-Virus Free Edition 2011, Updated and Enabled
Here is the IPCONFIG/ALL:
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.
C:Windowssystem32>IPCONFIG/ALL
Windows IP Configuration
Host Name . . . . . . . . . . . . : sonny-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
[code]....
Wireless on this laptop will not connect. Another laptop connects without problems.DDS (Ver_10-12-12.01) - NTFSx86
Run by Owner at 20:48:45.56 on Fri 02/11/2011
[Code].....
My dad is all the sudden no longer able to connect his HP laptop to the internet, my moms netbook and my Mac connect with no problems.
View 9 Replies View RelatedI'm having issues connecting to the Internet through my netgear router. The other laptops in the house work fine so I'm sure it's an issue with the setting on my laptop that are the issue. It connects to the router, tries to identify, them says unidentified and remains at a local only connection.The error says: cannot connect with primary dns server(192.168.2.1). Windows cannot resolve it itself.
View 5 Replies View Relatedi can't connnect to the internet wirelessly, i am able to with ethernet cable. i am able to connect to other networks with the computer. Reason i say it is a problem with one of my computers, is i am able to connect to the same internet with 4 other computers wirelessly. it is just this one computer. the computer is a HP Pavillion notebook 6000 series
View 13 Replies View RelatedI recently got new comcast internet installed on my PC and now i want to add a router but when i connect the router i keep getting the same error message, "Cannot communicate with primary DNS server" It also says it tried to ping but did not recieve or something like that. When i connect straight from the modem to the PC it works perfect but when i add the router it does not.[CODE]
View 7 Replies View RelatedI have two server computers. there IP addresses are:
1. 192.168.0.99
2. 192.168.1.99
Now, how to configure it for accessing data from each other?
I'm having a bit of trouble connecting to the internet on my desktop. Basically, my desktop computer, running windows 7, wired connection via LAN, is having trouble connecting to the internet. It appears to be connected to the internet (all indicators are "green light"), but when I attempt to open a browser, for example, there is no response. After running a diagnosis, I found this: Windows can't communicate with the device or resource (Primary DNS server). The strange thing is that our apartment wireless network works just fine. I looked around on here for a solution, but all were entertaining laptops with wireless connections. My IPs are set to automatic as well.
View 4 Replies View RelatedI have recently gotten a Virgin Super Hub router and everyone in the house is able to connect to the internet fine except me. I have a Toshiba laptop with Windows Vista running on it. I am able to connect locally to the network however it lists it as an "unidentified network" and when I try to diagnose the problem I receive notifications such as "Cannot communicate with primary DNS server 194.168.4.100" and "Network Diagnostic pinged remote host but did not receive a response. When I have a cable plugged into the router and my laptop I am able to connect but on a separate network "Network 3".
View 7 Replies View RelatedWireless laptop works but desktop will not connect to Internet. Was working yesterday. Tried to use Windows repair using Reset the network adapter "local area connection'. Received the following. Windows tried to repair a problem but still exists. Cannot connect with Primary DNS Server (75.75.76.76).
View 6 Replies View RelatedI am trying to hook my desktop up to my wireless router via Ethernet cable. The wireless Internet works great and my housemate's laptop works with an Ethernet cable. I have already contacted my service provider but to no avail. I have no idea where to start
View 11 Replies View RelatedOne of our laptops won't connect to the internet via wireless, gives a "Cannot communicate with Primary DNS Server (192.168.1.20)" error. It works fine when plugged in via ethernet, and all our other computers connect to wireless just fine.
The wireless is set to acquire DNS automatically in the TCP/IP IPv4 properties. I've tried to flush DNS, reset IPv4 and reset Winsock with no luck.
[code]....
I tried to connect to the Internet this morning on my Windows Vista, but it wouldn't work. My router seems to be fine (I can connect on all the other computers in the house.), and it shows that I'm connected to the network but not the Internet. After running Diagnose and Repair, I got this message:"Cannot communicate with Primary DNS Server(192.168.2.1). Network diagnostics pinged the remote host but did not receive a response." [code]
View 1 Replies View Relatedwhen trying to connect to my home wireless network i get an error saying "windows cannot communicate with the primary dns server" all other computers in the hosue can connect without issue.
- not the router
- not the internet
- reconfigured router (didn't work)
- dns is on automatically obtain
- computer i am using now is connected to same network
- flushed dns several times (didn't work)
- rewrote tcp/ip registry keys
- uninstalled all PCI related drivers
I recently set up our new Cisco Linksys E1000 router (we originally had a Belkin, but it is dying). It works perfectly fine on my desktop. However, there is only a "local connection" on my mom's laptop, a Toshiba Satellite running Vista. Diagnosis: Cannot Communicate with Primary DNS Server(68.105.28.12). zy!
View 7 Replies View RelatedI would like to create two site-to-site VPNs, one for data and one for VoIP, between the same sites. One end is an ASA 5510 and the other is a third party firewall. Is this possible if I use different sets of IP addresses for each tunnel?
View 3 Replies View RelatedSo whenever I put my desktop to sleep and then turn it back on, I cannot connect to the internet. My laptops are fine and can connect to the internet w/ the wireless however.When I have windows diagnostic run a troubleshoot and repair, it tells me it can't communicate w/ the primary DNS server and that resetting the Local Area Connection will fix it (And it does).If I restart the computer, it seems to fix this problem as well.I don't get why it can't communicate w/ the DNS and that I have to manually reset the LAC everytime I turn on the computer from sleep mode.
View 3 Replies View Relatedsometimes my internet just drops, asin it just goes to limited connectivity and appears to not send or receive any packets, sometimes a windows network repair will work and sometimes it wont, i cant fathom out what it is, and its annoying when trying to download :/ but either way the only message im getting from windows network connect repair thingy is that " cannot communicate with primary DNS server "
View 2 Replies View Related
