Split Tunneling - DNS issue

N

nitrobass24

[H]ard|DCer of the Month - December 2009
Joined
Apr 7, 2006
Messages
10,475
I have configured my ASA 5505 for SSL VPN remote access and have configured split tunneling and its working fine except for DNS resolution for the Secured Tunnel. I can ping the IP addresses of my remote network and can even use RDP to access a box, but DNS resolution will not work and I must use the IPs.

I added Split-DNS for my domain name. What else am I missing?

Below is my configuration.

Code: 
: Saved
:
ASA Version 8.4(1) 
!
hostname HomeFW01
enable password removed encrypted
passwd removed encrypted
names
dns-guard
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0 
!
interface Vlan2
 nameif outside
 security-level 0
 ip address dhcp setroute 
!
interface Vlan3
 no forward interface Vlan1
 nameif DMZ
 security-level 50
 ip address 10.1.1.1 255.255.255.0 
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
 switchport access vlan 3
!
interface Ethernet0/5
 switchport access vlan 3
!
interface Ethernet0/6
 switchport access vlan 3
!
interface Ethernet0/7
 switchport access vlan 3
!
boot system disk0:/asa841-k8.bin
no ftp mode passive
clock timezone CST -6
clock summer-time CDT recurring
same-security-traffic permit intra-interface
object network obj_any 
 subnet 0.0.0.0 0.0.0.0
object network NETWORK_OBJ_192.168.1.96_28 
 subnet 192.168.1.96 255.255.255.240
access-list Split-Tunnel standard permit 192.168.1.0 255.255.255.0 
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
mtu DMZ 1500
ip local pool IPBR_RA_Addresses 192.168.1.101-192.168.1.110 mask 255.255.255.0
ip verify reverse-path interface outside
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-641.bin
no asdm history enable
arp timeout 14400
nat (inside,outside) source static any any destination static NETWORK_OBJ_192.168.1.96_28 NETWORK_OBJ_192.168.1.96_28
!
object network obj_any
 nat (inside,outside) dynamic interface
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa local authentication attempts max-fail 3
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet timeout 5
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 5
ssh version 2
console timeout 0
management-access inside

dhcpd auto_config outside
!
dhcpd address 192.168.1.2-192.168.1.33 inside
!
threat-detection basic-threat
threat-detection statistics host
threat-detection statistics port
threat-detection statistics protocol
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
 enable outside
 anyconnect image disk0:/anyconnect-win-2.3.0254-k9.pkg 1
 anyconnect enable
 tunnel-group-list enable
group-policy GroupPolicy_Anyconnect internal
group-policy GroupPolicy_Anyconnect attributes
 vpn-tunnel-protocol ssl-client 
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value Split-Tunnel
 default-domain value davis.local
 split-dns value davis.local
 address-pools value IPBR_RA_Addresses
 webvpn
  anyconnect keep-installer installed
  anyconnect ssl rekey time 30
  anyconnect ssl rekey method ssl
  anyconnect ssl compression deflate
  anyconnect ask none default anyconnect
username removed password removed encrypted
tunnel-group Anyconnect type remote-access
tunnel-group Anyconnect general-attributes
 address-pool IPBR_RA_Addresses
 default-group-policy GroupPolicy_Anyconnect
tunnel-group Anyconnect webvpn-attributes
 group-alias Anyconnect enable
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map 
  inspect ftp 
  inspect h323 h225 
  inspect h323 ras 
  inspect rsh 
  inspect rtsp 
  inspect esmtp 
  inspect sqlnet 
  inspect skinny  
  inspect sunrpc 
  inspect xdmcp 
  inspect sip  
  inspect netbios 
  inspect tftp 
  inspect ip-options 
!
service-policy global_policy global
prompt hostname context 
call-home
 profile CiscoTAC-1
  no active
  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
  destination address email callhome@cisco.com
  destination transport-method http
  subscribe-to-alert-group diagnostic
  subscribe-to-alert-group environment
  subscribe-to-alert-group inventory periodic monthly
  subscribe-to-alert-group configuration periodic monthly
  subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:d6d17e14a24cbfd38197bb3723f324ca
: end
 
Are you on a different domain than the system you are remoting into? If so try using the FQDN name to ping or RDP
 
Yes i am on a different domain. And I was using the FQDN.

Any other thoughts/suggestions. :confused:
 
group-policy GroupPolicy_Anyconnect attributes

after that command use this:

dns-server value DnsServerIP

where DNSSERVERIP is the IP address of your dns server on that network. at least thats what i do for RA VPN, assume it would be the same? if not, dont hurt me :)
 
Alright well i made that change. I am at home now so i cant test it, but if I get to work tomorrow and it doesnt work Ill know where to come looking!
 
Nope didnt work. Gonna have to run some test when i get home.

Code: 
C:\Users\stephendavis>nslookup ipbr.davis.local
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.1.5

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
*** Request to UnKnown timed-out
 
Is 192.168.1.5 the IP of the nameserver responsible for davis.local (the one from the dns-server line mentioned above)? If so, can you ping that server? It sounds like this traffic isn't making it over the tunnel (although other traffic obviously is, which is means I could be wrong).
 
Yea sorry 192.168.1.5 is the DNS/DHCP/AD server for davis.local
 
Can you run netmon on your VPN adapter? See if the query is actually getting routed over the it.
 
Here ya go.

Also i did some testing last night using an aircard and i noticed that when i turn off split tunneling I can access resources/ping resources/perform nslookups on VPN resources but my Internet access no longer works on the remote client. Im not sure what would cause that, but it seems like a NAT issue. Maybe unrelated but thought i would throw that in there.


Code from CMD window.
Code: 
C:\Users\stephendavis>nslookup davis.local
Server:  UnKnown
Address:  192.168.1.5

Name:    davis.local
Addresses:  192.168.1.6
          192.168.1.5


C:\Users\stephendavis>nslookup ipbr.davis.local
Server:  UnKnown
Address:  192.168.1.5

Name:    ipbr.davis.local
Address:  192.168.1.158


C:\Users\stephendavis>ping ipbr.davis.local
Ping request could not find host ipbr.davis.local. Please check the name and try
 again.

C:\Users\stephendavis>ping 192.168.1.158

Pinging 192.168.1.158 with 32 bytes of data:
Reply from 192.168.1.158: bytes=32 time=283ms TTL=128
Reply from 192.168.1.158: bytes=32 time=134ms TTL=128
Reply from 192.168.1.158: bytes=32 time=122ms TTL=128
Reply from 192.168.1.158: bytes=32 time=114ms TTL=128

Ping statistics for 192.168.1.158:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 114ms, Maximum = 283ms, Average = 163ms

C:\Users\stephendavis>

Corresponding NetMon

Code: 
1	1:44:37 PM 8/19/2011	4.9258521				NetmonFilter	NetmonFilter:Updated Capture Filter: None	
2	1:44:37 PM 8/19/2011	4.9258521				NetworkInfoEx	NetworkInfoEx:Network info for , Network Adapter Count = 1	
3	1:44:37 PM 8/19/2011	4.9258521	Unavailable	192.168.1.101	224.0.0.251	UDP	UDP:SrcPort = 5353, DstPort = 5353, Length = 49	{UDP:2, IPv4:1}
4	1:44:38 PM 8/19/2011	5.4019650		192.168.1.101	192.168.1.5	ARP	ARP:Request, 192.168.1.101 asks for 192.168.1.5	
5	1:44:38 PM 8/19/2011	5.4020572		192.168.1.5	192.168.1.101	ARP	ARP:Response, 192.168.1.5 at 00-11-22-33-44-55	
6	1:44:38 PM 8/19/2011	5.4031057		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x1, QUERY (Standard query), Query  for 5.1.168.192.in-addr.arpa of type PTR on class Internet	{DNS:5, UDP:4, IPv4:3}
7	1:44:38 PM 8/19/2011	5.4031805		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x1, QUERY (Standard query), Response - Name Error 	{DNS:5, UDP:4, IPv4:3}
8	1:44:38 PM 8/19/2011	5.4065868		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x2, QUERY (Standard query), Query  for davis.local.davis.local of type Host Addr on class Internet	{DNS:7, UDP:6, IPv4:3}
9	1:44:38 PM 8/19/2011	5.5194190		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x2, QUERY (Standard query), Response - Name Error 	{DNS:7, UDP:6, IPv4:3}
10	1:44:38 PM 8/19/2011	5.5205075		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x3, QUERY (Standard query), Query  for davis.local.davis.local of type AAAA on class Internet	{DNS:9, UDP:8, IPv4:3}
11	1:44:38 PM 8/19/2011	5.6335784		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x3, QUERY (Standard query), Response - Name Error 	{DNS:9, UDP:8, IPv4:3}
12	1:44:38 PM 8/19/2011	5.6348042		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x4, QUERY (Standard query), Query  for davis.local.davis.local of type Host Addr on class Internet	{DNS:11, UDP:10, IPv4:3}
13	1:44:38 PM 8/19/2011	5.7502546		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x4, QUERY (Standard query), Response - Name Error 	{DNS:11, UDP:10, IPv4:3}
14	1:44:38 PM 8/19/2011	5.7514136		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x5, QUERY (Standard query), Query  for davis.local.davis.local of type AAAA on class Internet	{DNS:13, UDP:12, IPv4:3}
15	1:44:38 PM 8/19/2011	5.8653511		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x5, QUERY (Standard query), Response - Name Error 	{DNS:13, UDP:12, IPv4:3}
16	1:44:38 PM 8/19/2011	5.8665136		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x6, QUERY (Standard query), Query  for davis.local.clients.us.kworld.kpmg.com of type Host Addr on class Internet	{DNS:15, UDP:14, IPv4:3}
17	1:44:38 PM 8/19/2011	5.8666231		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x6, QUERY (Standard query), Response - Name Error 	{DNS:15, UDP:14, IPv4:3}
18	1:44:38 PM 8/19/2011	5.8675556		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x7, QUERY (Standard query), Query  for davis.local.clients.us.kworld.kpmg.com of type AAAA on class Internet	{DNS:17, UDP:16, IPv4:3}
19	1:44:38 PM 8/19/2011	5.8676830		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x7, QUERY (Standard query), Response - Name Error 	{DNS:17, UDP:16, IPv4:3}
20	1:44:38 PM 8/19/2011	5.8686888		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x8, QUERY (Standard query), Query  for davis.local.us.kworld.kpmg.com of type Host Addr on class Internet	{DNS:19, UDP:18, IPv4:3}
21	1:44:38 PM 8/19/2011	5.8687610		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x8, QUERY (Standard query), Response - Name Error 	{DNS:19, UDP:18, IPv4:3}
22	1:44:38 PM 8/19/2011	5.8695667		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x9, QUERY (Standard query), Query  for davis.local.us.kworld.kpmg.com of type AAAA on class Internet	{DNS:21, UDP:20, IPv4:3}
23	1:44:38 PM 8/19/2011	5.8696352		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x9, QUERY (Standard query), Response - Name Error 	{DNS:21, UDP:20, IPv4:3}
24	1:44:38 PM 8/19/2011	5.8703350		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0xA, QUERY (Standard query), Query  for davis.local.kworld.kpmg.com of type Host Addr on class Internet	{DNS:23, UDP:22, IPv4:3}
25	1:44:38 PM 8/19/2011	5.8703896		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0xA, QUERY (Standard query), Response - Name Error 	{DNS:23, UDP:22, IPv4:3}
26	1:44:38 PM 8/19/2011	5.8711761		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0xB, QUERY (Standard query), Query  for davis.local.kworld.kpmg.com of type AAAA on class Internet	{DNS:25, UDP:24, IPv4:3}
27	1:44:38 PM 8/19/2011	5.8712451		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0xB, QUERY (Standard query), Response - Name Error 	{DNS:25, UDP:24, IPv4:3}
28	1:44:38 PM 8/19/2011	5.8719155		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0xC, QUERY (Standard query), Query  for davis.local.kpmg.com of type Host Addr on class Internet	{DNS:27, UDP:26, IPv4:3}
29	1:44:38 PM 8/19/2011	5.8719868		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0xC, QUERY (Standard query), Response - Name Error 	{DNS:27, UDP:26, IPv4:3}
30	1:44:38 PM 8/19/2011	5.8726646		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0xD, QUERY (Standard query), Query  for davis.local.kpmg.com of type AAAA on class Internet	{DNS:29, UDP:28, IPv4:3}
31	1:44:38 PM 8/19/2011	5.8727327		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0xD, QUERY (Standard query), Response - Name Error 	{DNS:29, UDP:28, IPv4:3}
32	1:44:38 PM 8/19/2011	5.8733934		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0xE, QUERY (Standard query), Query  for davis.local of type Host Addr on class Internet	{DNS:31, UDP:30, IPv4:3}
33	1:44:38 PM 8/19/2011	5.9888405		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0xE, QUERY (Standard query), Response - Success, 192.168.1.6, 192.168.1.5 	{DNS:31, UDP:30, IPv4:3}
34	1:44:38 PM 8/19/2011	5.9903682		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0xF, QUERY (Standard query), Query  for davis.local of type AAAA on class Internet	{DNS:33, UDP:32, IPv4:3}
35	1:44:38 PM 8/19/2011	6.1049662		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0xF, QUERY (Standard query), Response - Success 	{DNS:33, UDP:32, IPv4:3}
36	1:44:40 PM 8/19/2011	7.9118314		192.168.1.101	255.255.255.255	UDP	UDP:SrcPort = 17500, DstPort = 17500, Length = 117	{UDP:35, IPv4:34}
37	1:44:40 PM 8/19/2011	7.9121356		192.168.1.101	192.168.1.255	UDP	UDP:SrcPort = 17500, DstPort = 17500, Length = 117	{UDP:37, IPv4:36}
38	1:44:40 PM 8/19/2011	7.9123109		192.168.1.101	255.255.255.255	UDP	UDP:SrcPort = 17500, DstPort = 17500, Length = 117	{UDP:35, IPv4:34}
39	1:44:40 PM 8/19/2011	7.9124955		192.168.1.101	255.255.255.255	UDP	UDP:SrcPort = 17500, DstPort = 17500, Length = 117	{UDP:35, IPv4:34}
40	1:44:44 PM 8/19/2011	12.1009734		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x1, QUERY (Standard query), Query  for 5.1.168.192.in-addr.arpa of type PTR on class Internet	{DNS:39, UDP:38, IPv4:3}
41	1:44:44 PM 8/19/2011	12.1010750		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x1, QUERY (Standard query), Response - Name Error 	{DNS:39, UDP:38, IPv4:3}
42	1:44:44 PM 8/19/2011	12.1047446		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x2, QUERY (Standard query), Query  for ipbr.davis.local.davis.local of type Host Addr on class Internet	{DNS:41, UDP:40, IPv4:3}
43	1:44:44 PM 8/19/2011	12.2180880		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x2, QUERY (Standard query), Response - Name Error 	{DNS:41, UDP:40, IPv4:3}
44	1:44:44 PM 8/19/2011	12.2190648		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x3, QUERY (Standard query), Query  for ipbr.davis.local.davis.local of type AAAA on class Internet	{DNS:43, UDP:42, IPv4:3}
45	1:44:44 PM 8/19/2011	12.3320253		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x3, QUERY (Standard query), Response - Name Error 	{DNS:43, UDP:42, IPv4:3}
46	1:44:44 PM 8/19/2011	12.3329849		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x4, QUERY (Standard query), Query  for ipbr.davis.local.davis.local of type Host Addr on class Internet	{DNS:45, UDP:44, IPv4:3}
47	1:44:45 PM 8/19/2011	12.4465671		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x4, QUERY (Standard query), Response - Name Error 	{DNS:45, UDP:44, IPv4:3}
48	1:44:45 PM 8/19/2011	12.4475381		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x5, QUERY (Standard query), Query  for ipbr.davis.local.davis.local of type AAAA on class Internet	{DNS:47, UDP:46, IPv4:3}
49	1:44:45 PM 8/19/2011	12.5607902		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x5, QUERY (Standard query), Response - Name Error 	{DNS:47, UDP:46, IPv4:3}
50	1:44:45 PM 8/19/2011	12.5617734		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x6, QUERY (Standard query), Query  for ipbr.davis.local.clients.us.kworld.kpmg.com of type Host Addr on class Internet	{DNS:49, UDP:48, IPv4:3}
51	1:44:45 PM 8/19/2011	12.5618833		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x6, QUERY (Standard query), Response - Name Error 	{DNS:49, UDP:48, IPv4:3}
52	1:44:45 PM 8/19/2011	12.5627522		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x7, QUERY (Standard query), Query  for ipbr.davis.local.clients.us.kworld.kpmg.com of type AAAA on class Internet	{DNS:51, UDP:50, IPv4:3}
53	1:44:45 PM 8/19/2011	12.5628667		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x7, QUERY (Standard query), Response - Name Error 	{DNS:51, UDP:50, IPv4:3}
54	1:44:45 PM 8/19/2011	12.5637997		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x8, QUERY (Standard query), Query  for ipbr.davis.local.us.kworld.kpmg.com of type Host Addr on class Internet	{DNS:53, UDP:52, IPv4:3}
55	1:44:45 PM 8/19/2011	12.5638735		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x8, QUERY (Standard query), Response - Name Error 	{DNS:53, UDP:52, IPv4:3}
56	1:44:45 PM 8/19/2011	12.5647135		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0x9, QUERY (Standard query), Query  for ipbr.davis.local.us.kworld.kpmg.com of type AAAA on class Internet	{DNS:55, UDP:54, IPv4:3}
57	1:44:45 PM 8/19/2011	12.5647801		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0x9, QUERY (Standard query), Response - Name Error 	{DNS:55, UDP:54, IPv4:3}
58	1:44:45 PM 8/19/2011	12.5655059		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0xA, QUERY (Standard query), Query  for ipbr.davis.local.kworld.kpmg.com of type Host Addr on class Internet	{DNS:57, UDP:56, IPv4:3}
59	1:44:45 PM 8/19/2011	12.5655722		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0xA, QUERY (Standard query), Response - Name Error 	{DNS:57, UDP:56, IPv4:3}
60	1:44:45 PM 8/19/2011	12.5662929		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0xB, QUERY (Standard query), Query  for ipbr.davis.local.kworld.kpmg.com of type AAAA on class Internet	{DNS:59, UDP:58, IPv4:3}
61	1:44:45 PM 8/19/2011	12.5663579		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0xB, QUERY (Standard query), Response - Name Error 	{DNS:59, UDP:58, IPv4:3}
62	1:44:45 PM 8/19/2011	12.5670712		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0xC, QUERY (Standard query), Query  for ipbr.davis.local.kpmg.com of type Host Addr on class Internet	{DNS:61, UDP:60, IPv4:3}
63	1:44:45 PM 8/19/2011	12.5671385		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0xC, QUERY (Standard query), Response - Name Error 	{DNS:61, UDP:60, IPv4:3}
64	1:44:45 PM 8/19/2011	12.5678541		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0xD, QUERY (Standard query), Query  for ipbr.davis.local.kpmg.com of type AAAA on class Internet	{DNS:63, UDP:62, IPv4:3}
65	1:44:45 PM 8/19/2011	12.5679198		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0xD, QUERY (Standard query), Response - Name Error 	{DNS:63, UDP:62, IPv4:3}
66	1:44:45 PM 8/19/2011	12.5686423		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0xE, QUERY (Standard query), Query  for ipbr.davis.local of type Host Addr on class Internet	{DNS:65, UDP:64, IPv4:3}
67	1:44:45 PM 8/19/2011	12.6818122		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0xE, QUERY (Standard query), Response - Success, 192.168.1.158 	{DNS:65, UDP:64, IPv4:3}
68	1:44:45 PM 8/19/2011	12.6830413		192.168.1.101	192.168.1.5	DNS	DNS:QueryId = 0xF, QUERY (Standard query), Query  for ipbr.davis.local of type AAAA on class Internet	{DNS:67, UDP:66, IPv4:3}
69	1:44:45 PM 8/19/2011	12.7939704		192.168.1.5	192.168.1.101	DNS	DNS:QueryId = 0xF, QUERY (Standard query), Response - Success 	{DNS:67, UDP:66, IPv4:3}
70	1:44:53 PM 8/19/2011	20.8850112		192.168.1.101	ipbr.davis.local	ARP	ARP:Request, 192.168.1.101 asks for 192.168.1.158	
71	1:44:53 PM 8/19/2011	20.8851310		ipbr.davis.local	192.168.1.101	ARP	ARP:Response, 192.168.1.158 at 00-11-22-33-44-55	
72	1:44:53 PM 8/19/2011	20.8854987		192.168.1.101	ipbr.davis.local	ICMP	ICMP:Echo Request Message, From 192.168.1.101 To 192.168.1.158	{IPv4:68}
73	1:44:53 PM 8/19/2011	20.9977973		ipbr.davis.local	192.168.1.101	ICMP	ICMP:Echo Reply Message, From 192.168.1.158 To 192.168.1.101	{IPv4:68}
74	1:44:54 PM 8/19/2011	21.9077154		192.168.1.101	ipbr.davis.local	ICMP	ICMP:Echo Request Message, From 192.168.1.101 To 192.168.1.158	{IPv4:68}
75	1:44:54 PM 8/19/2011	22.0211581		ipbr.davis.local	192.168.1.101	ICMP	ICMP:Echo Reply Message, From 192.168.1.158 To 192.168.1.101	{IPv4:68}
76	1:44:55 PM 8/19/2011	22.8856312		192.168.1.101	ipbr.davis.local	ICMP	ICMP:Echo Request Message, From 192.168.1.101 To 192.168.1.158	{IPv4:68}
77	1:44:55 PM 8/19/2011	22.9977328		ipbr.davis.local	192.168.1.101	ICMP	ICMP:Echo Reply Message, From 192.168.1.158 To 192.168.1.101	{IPv4:68}
78	1:44:56 PM 8/19/2011	23.8843158		192.168.1.101	ipbr.davis.local	ICMP	ICMP:Echo Request Message, From 192.168.1.101 To 192.168.1.158	{IPv4:68}
79	1:44:56 PM 8/19/2011	23.9962479		ipbr.davis.local	192.168.1.101	ICMP	ICMP:Echo Reply Message, From 192.168.1.158 To 192.168.1.101	{IPv4:68}
 
You must log in or register to reply here.
Back
Top