09-11-2017 12:46 AM
I'm trying to establish a Dynamic VPN which the SRX is behind a 1-to-1 NAT Device, whith Split tunnel enabled.
The connection is successfull, but im experiencing a weird behavior.
The internet browsing is not working, meanwhile, i'm able to ping any public IPs.
btw, i have the below dns command:
set access address-assignment pool dyn-vpn-address-pool family inet xauth-attributes primary-dns dns_ip_address
09-11-2017 02:47 AM
I think you are saying that you can ping internet ip addresses but that your web browsing is not working.
This would indicate that the DNS server is not working for your connection. You can confirm this by doing some manual nslookup commands while connected to the vpn.
Make sure your configured dns server is reachable to your pool address. And there are security policies in place that permit the connection to the DNS server.
Senior IP Engineer - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
JNCIA-Junos JNCIS-SEC JNCIP-SEC JNCSP-SEC
JNCDA JNCDS-DC JNCDS-SEC
ACE PanOS 6 ACE PanOS 7
09-11-2017 04:20 AM
one of the internal network is 192.168.8.x and it was added to the protected network.
this range overlap with my 4G modem DHCP, i changed them and it worked fine.