All:
We have a customer who uses a Netscreen 5GT running 5.0.0r8.1 that has
some dialup VPN users. The users run the Netscreen Remote software on
their PCs and the VPN connections work fine. I was recently asked if we
could assign internal DNS servers to the VPN users when they connect. I
went to VPNs > AutoKey Advanced > XAuth Settings and configured the two
requested DNS servers. However, when users connect, they did not get the
assigned DNS servers. I found out that I had to assign a pool of IPs to
the XAuth Settings window for the Netscreen to pass the DNS servers. The
issue with this is that *all* Internet traffic gets routed to the
Netscreen and not just VPN traffic. I also saw "Query Client Settings on
Default Server" on the XAuth Settings but I am unable to check that box.
The customer asked about split tunneling and my understanding is that is
what the Netscreen was doing in the first place; VPN traffic goes across
the VPN and all other traffic goes out the normal Internet path.
However, this method did not assign the internal DNS servers.
Any suggestions on how to accomplish this?
The Netscreen Remote software is 8.0.
--
Devon
_______________________________________________
nn mailing list
nn@qorbit.net
http://qorbit.net/mailman/listinfo/nn
|