Cisco VPN / Firewall configuration

[Kenneth Porter]

--On Saturday, July 24, 2004 3:56 PM -0700 G-Love <greg at 20percent.org> 
wrote:

> So all of the DNS information in configured on the concentrator side - no
> client side configuration necessary.

The VPN server pushes a set of DNS servers and your /etc/resolv.conf gets 
replaced with one pointing at those servers. When the connection shuts 
down, your saved file gets restored.

There's some additional interception going on though, as I find even if I 
block the overwriting of resolv.conf that some packets targeted to the 
Internet still get lost.