Solved

Remote access VPN DNS issue

Posted on 2013-01-29
5
229 Views
Last Modified: 2013-04-16
I have remote access configured on ASA and Microsoft ISA firewall. Everything works fine from my home pc, but I can not resolve DNS names.

If I nslookup insidehost.mydomain.com - it resolves the ip

If I nslookup insidehost - returns Server failed error

I believe it has something to do with DNS Server, but dont know what exactly

Thank you
0
Comment
Question by:fgasimzade
  • 2
  • 2
5 Comments
 
LVL 22

Accepted Solution

by:
Matt V earned 500 total points
ID: 38835752
You need to add the dns suffix to your list of domains that the ASA is passing to the VPN client.
0
 
LVL 22

Expert Comment

by:Matt V
ID: 38835766
Configuring Domain Attributes for Tunneling

You can specify a default domain name for tunneled packets or a list of domains to be resolved through the split tunnel. The following sections describe how to set these domains.
 
Defining a Default Domain Name for Tunneled Packets

The security appliance passes the default domain name to the IPsec client to append to DNS queries that omit the domain field. When there are no default domain names, users inherit the default domain name in the default group policy. To specify the default domain name for users of the group policy, enter the default-domain command in group-policy configuration mode. To delete a domain name, enter the no form of this command.
 
hostname(config-group-policy)# default-domain {value domain-name | none}
 
hostname(config-group-policy)# no default-domain [domain-name]
 

The value domain-name parameter identifies the default domain name for the group. To specify that there is no default domain name, enter the none keyword. This command sets a default domain name with a null value, which disallows a default domain name and prevents inheriting a default domain name from a default or specified group policy.
 
To delete all default domain names, enter the no default-domain command without arguments. This command deletes all configured default domain names, including a null list if you created one by entering the default-domain command with the none keyword. The no form allows inheriting a domain name.
 
The following example shows how to set a default domain name of FirstDomain for the group policy named FirstGroup:
 
hostname(config)# group-policy FirstGroup attributes
 
hostname(config-group-policy)# default-domain value FirstDomain
0
 
LVL 18

Author Comment

by:fgasimzade
ID: 38839024
mattvmotas

I have the default-domain name configured, however it does not work..
0
 
LVL 18

Author Comment

by:fgasimzade
ID: 38839030
The other thing is that when I nslookup a correct dns name, like mypc, it returns with Server failed. If I nslookup mypc.mydomain.com - it works. If I nslookup incorrect dns name, say mypc2 - server returns "domain name was not found"
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 38847013
<ignore wrong q>
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
sccm importing drivers 4 22
DNS spf record 14 52
Cisco ASA dns and browsing 20 32
Running a 2nd company from the same location 3 38
Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
I wrote this article to explain some important DNS concepts that should be known to avoid some typical configuration errors I often see in forums. I assume that what is described here is the typical behavior of Microsoft DNS client. I don't know …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now