I have a pair of PIX 501s (running 6.3(4)) that I use for a PIX-to-PIX VPN. The standard configuration: main office with a bunch o' servers (including DNS) and remote office with a single client and no DNS server.
Ordinarily, requests for public data go out through the internet (google.com for example), with private requests for the "other side" of the VPN going out through the internet and then through the remote host's PIX.
However, is there any way that I can enable any kind of "split-DNS" function? Whereby I can somehow specify on the PIX that DNS requests for the bar.com domain should be handled by the DNS server at 192.168.0.1, and all other DNS requests should go to my ISP's DNS server at 220.127.116.11?
As I would rather not have *all* DNS requests traverse the VPN if I want the client computer to be able to reverse-resolve IPs in the private network...