My Cisco ASA won't allow clients to browse the internal network

Hello, I have a Cisco ASA I'm trying to configure so remote clients can browse our internal network. I can make a connection to the network, but I can't see any machines on the network.  I've attached a copy of my ASA running config.
CiscoASA.txt
TimothyBoggessAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jay_GridleyCommented:
It's important to be aware of the fact that NETBios won't work over a VPN tunnel, because this is broadcasted traffic. As far as I know there is no "regular" way to browse a remote network.

Is your problem that your users can't browse the network, or can't the ping any devices at your LAN at all?
0
TimothyBoggessAuthor Commented:
Jay,
   I can ping only by IP address and no we can't browse the network.  However shouldn't DNS resolve the names to the addresses for browsing?  Regardless, if I can get the names resolved instead of simply relying on the IP address I think I would have a working solution.
0
lrmooreCommented:
group-policy RemoteVPN attributes
dns-server value 192.168.1.59 <== give your VPN clients a dns server for mydomain.com
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Jay_GridleyCommented:
Ah, I thought the actual browsing through 'network environment' was the problem Hence my question.

lrmoore's answer should provide you with the DNS you require.
0
TimothyBoggessAuthor Commented:
I put in the dns-server value in the group-policy RemoteVPN attributes and I can still only ping by IP address.
0
lrmooreCommented:
Try putting it into the DefaultRAGroup policy, too...
0
TimothyBoggessAuthor Commented:
I tried putting the dns-server value in the DefaultRAGroup too, but can still only ping by IP address.
0
lrmooreCommented:
Can you ping that dns server while connected to the LAN?
If yes?
Can you use nslookup against it while connected?
0
TimothyBoggessAuthor Commented:
I can ping one particular server on the network by IP address, but I cannot ping the dns server while I'm connected to the LAN.  I suspect there is more going on here than I'm aware of and I may need to delve deeper in the network setup.  (This is a network I inherited).
0
lrmooreCommented:
Could be a routing issue where the internal router does not have a route to the VPn client pool subnet, or routes it someplace else.
I, too, suspect more than meets the eye here. As long as the client gets the proper dns server via VPN config, and that server can be reached while on the VPN, then all should be happy.
0
TimothyBoggessAuthor Commented:
I'll take a look at the internal router.  If I do an ipconfig /all while connected to the LAN it gives me a correct IP address from the ip pool on the ASA and it gives me the correct DNS servers that I set.  I'll let you know what I find on the router.
0
TimothyBoggessAuthor Commented:
Thanks for the help on the dns issue.  I'm awarding the points and accepting the solution even though I still can't ping by name, but I think that's due to either a problem on the internal router or one of my switches.  If I do an ipconfig while connected as a VPN client, I'm getting the proper dns server for the connection which tells me you gave me the correct answer.  If I'm unable to troubleshoot the internal problem I'm having I'll be back with another question.  Thanks for your help!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.