Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 238
  • Last Modified:

Remote access VPN DNS issue

I have remote access configured on ASA and Microsoft ISA firewall. Everything works fine from my home pc, but I can not resolve DNS names.

If I nslookup insidehost.mydomain.com - it resolves the ip

If I nslookup insidehost - returns Server failed error

I believe it has something to do with DNS Server, but dont know what exactly

Thank you
0
fgasimzade
Asked:
fgasimzade
  • 2
  • 2
1 Solution
 
Matt VCommented:
You need to add the dns suffix to your list of domains that the ASA is passing to the VPN client.
0
 
Matt VCommented:
Configuring Domain Attributes for Tunneling

You can specify a default domain name for tunneled packets or a list of domains to be resolved through the split tunnel. The following sections describe how to set these domains.
 
Defining a Default Domain Name for Tunneled Packets

The security appliance passes the default domain name to the IPsec client to append to DNS queries that omit the domain field. When there are no default domain names, users inherit the default domain name in the default group policy. To specify the default domain name for users of the group policy, enter the default-domain command in group-policy configuration mode. To delete a domain name, enter the no form of this command.
 
hostname(config-group-policy)# default-domain {value domain-name | none}
 
hostname(config-group-policy)# no default-domain [domain-name]
 

The value domain-name parameter identifies the default domain name for the group. To specify that there is no default domain name, enter the none keyword. This command sets a default domain name with a null value, which disallows a default domain name and prevents inheriting a default domain name from a default or specified group policy.
 
To delete all default domain names, enter the no default-domain command without arguments. This command deletes all configured default domain names, including a null list if you created one by entering the default-domain command with the none keyword. The no form allows inheriting a domain name.
 
The following example shows how to set a default domain name of FirstDomain for the group policy named FirstGroup:
 
hostname(config)# group-policy FirstGroup attributes
 
hostname(config-group-policy)# default-domain value FirstDomain
0
 
fgasimzadeAuthor Commented:
mattvmotas

I have the default-domain name configured, however it does not work..
0
 
fgasimzadeAuthor Commented:
The other thing is that when I nslookup a correct dns name, like mypc, it returns with Server failed. If I nslookup mypc.mydomain.com - it works. If I nslookup incorrect dns name, say mypc2 - server returns "domain name was not found"
0
 
Pete LongConsultantCommented:
<ignore wrong q>
0

Featured Post

NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now