Please bear with me. I've not had much hands on with ASA configuration etc...
I'm looking at setting up some users with an AnyConnect VPN connection and to then connect to our internally hosted Terminal Server farm.
The AnyConnect connection looks to be setup however when I establish a connection I cannot connect to any resources when using the DNS name. I can use the IP address OK and it resolves it fine.
I've seen a setting in the ASDM Connection Profiles VPN profile and within it under the DNS section its set to the Default DNS and the internal DNS servers are listed. However when I click on manage under the DNS Lookup section DNS Enabled is disabled on the outside interface.
I'm thinking that this is the issue. Would this be the case? What reason would it be disabled for?
Any help/advice would be great. Step by step via ASDM preferred.
Thanks,
Rich
1. Login to ASDM
2. Click on Configuration at the top of the screen
3. Click on "Remote Access VPN"
4. Expand "Network (Client) Access"
5. Click on "AnyConnect Connection Profiles"
6. Towards the bottom of your screen you will see a section for Connection Profiles. Highlight your connection profile and click on the "Edit" icon.
7. Towards the bottom of your screen you will see "DNS Servers:" Do you have any IP Addresses configured here? Also do you have a domain name configured in this box?
Now when the client connects you say that you are able to connect to devices via IP address but not DNS name correct? From a client connected to the VPN please perform the steps below.
1. Click Start
2. Type in "Command Prompt"
3. In a command prompt window type in "ipconfig /all"
4. Paste the results for review.
5. Try to perform a lookup via the nslookup command.
6. Type in "nslookup "name of device on your network"
7. Paste the results for review.
8. Finally try to ping the IP Address of your DNS server via the "ping" command.
Also can you let me know the subnet you are using on your local network before you connect to the VPN. For instance are you using 192.168.1.XXX in your home as well as 192.168.1.XXX at the office. or are they on different subnets? What about the DNS server is it on a similar network as your home network?