Cisco vpn client dns problems

We have recently setup vpn remote access to our company and everything, but one thing is working great.  When a user connects by the cisco vpn client they are not able to access the servers here on site by the dns name.  For example we have a server by the name of pylon_server.  A vpn remote user cannot connect to the server by using \\pylon_server, but instead must use the ip address of \\10.1.1.5.  This may be a simple problem to fix, but the COO just called wanting to access the server by name, so I need an answer quickly.
icarus2256Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
prashsaxConnect With a Mentor Commented:
Configuration > VPN > General > Group Policy > Add/Edit > Internal Group Policy > General Tab

See this link.
http://www.cisco.com/en/US/products/ps6121/products_user_guide_chapter09186a00806a2fc9.html

0
 
prashsaxCommented:
The quick solution would be to add entries in the host file on this computer.

Other wise, you need to check if you have allowed access to your internal DNS Server. This could be due to split tunnel VPN config.

What kind of VPN are you using.
0
 
icarus2256Author Commented:
The VPN termination point is a Cisco ASA 5510.  The remote users are using the Cisco VPN client.  I am not looking for a quick fix, but the correct fix.
0
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

 
prashsaxCommented:
What is the access-list for the VPN users.

Have you configured your internal DNS IP address for VPN clients as well.

Does your access-list allow UDP/53 from VPN clients.
0
 
icarus2256Author Commented:
We are using the permit-ipsec rule so the outside access-list doesn't filter VPN traffic.
0
 
NYtechGuyConnect With a Mentor Commented:

In the VPN config, you can specify what DNS servers your clients will be issued when they connect.  

/Justin
0
 
prashsaxCommented:
permit-ipsec is used so that you do not have to allow ipsec traffic inside your firewall.

But once this traffic is decrypted, it is again evaulated against an access-list.

Since this traffic is originating from subnet different from your internal their must exist some acl for the VPN IP Pool.

look for access-list where source ip is from pool you have defined for vpn clients.

Also make sure you have specified a valid DNS server in the configuration.

e.g

vpngroup group_name dns-server x.x.x.x
0
 
icarus2256Author Commented:
Do you know where you specify the DNS servers when using the Cisco ASDM interface?  Sorry about the permit-ipsec comment, we do allow all ip traffic from remote vpn connections into the company.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.