Solved

ASA & Router VPN (DNS Issues)

Posted on 2008-09-30
6
384 Views
Last Modified: 2012-05-05
Hello All,

Back again&

Ok I have a L2L vpn going between an ASA5505 and a Cisco 851W router. I am having problems with the DNS (split DNS?).  Note: the 851 is the DHCP server.

When going to the internet I would like the clients to use the ISP DNS servers, when access domain names that exist over the VPN I will need the client to use the DNS behind the ASA.

Any help? Thanks!!
0
Comment
Question by:dehmerl
  • 4
  • 2
6 Comments
 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22608799
You need an Internal DNS server for everything. Just setup your internal DNS server to "forward" requests to the internet. The ISP's DNS servers when configured in your DNS server should be setup as "forwarders".
0
 

Author Comment

by:dehmerl
ID: 22608862
Sorry - I may have been a little misleading...
I do not have a DNS server on the LAN side of the 851, it is for a single person remote office. I need the LAN clients on the 851W to have access to the DNS server back in the Corporate office, when I was reading about split DNS it sounded like I could setup something that said for mydomain.com look at corporate DNS  otherwise use ISP DNS servers. I have to admit I have never done that and I am still not sure how after reading about it.
0
 
LVL 12

Accepted Solution

by:
Pugglewuggle earned 500 total points
ID: 22609128
You don't need split DNS. Just setup the user behind the 851W to use the IP of the local DNS server at the main office as it's DNS server. This will then work and allow the user to access internal resources by DNS name and internet sites as well (assuming that split tunneling is setup or you have a proxy server).
0
Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22609136
When I say split tunneling I mean on the 851W. This allows internet access AND secure access to the corporate LAN. Still use the corporate DNS server for everything though.
0
 

Author Closing Comment

by:dehmerl
ID: 31501691
Ok, I will go with that!

I now have the clients accessing DNS only via the VPN and it seems to be working just fine.

Guess I was just looking to over complicate things!

Thanks!
0
 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22609799
No prob! :-)
0

Featured Post

Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
2 routers and 1 public IP Address. 10 55
Manage ASA using outside IP 14 62
BGP recommended setup with failover 2 47
snmp v2 configuration on a switch 3 16
If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question