IPsec, L2TP, Split tunneling, PPTP and all other VPN related posts.
Using AnyConnect 2.5 and ASA 5510. When a user connects to the VPN, the DNS settings change from "Append Primary" suffixes to "Append these suffixes." See below. The PublicDomain.com suffix is listed as the default domain in the Group Policy. The problem I am having is that one particular user cannot see network drives. If I ping the server the drives are mapped to, I get a public IP address. If I ping server.OfficeComputerDomain.com I get the correct internal IP address. Hence, if I manually change the order and put OfficeComputerDomain.com first, the user can access the network drives with no problem. Can I configure the VPN profile to list OfficeComputerDomain.com first or can I just change the default domain in the group policy to my internal domain name? Thanks,
Yes, you can change both in the related group-policy configuration.

group-policy <your_existing_policy_name_for_anyconnect> attributes
 default-domain value OfficeComputerDomain.com
 split-dns value OfficeComputerDomain.com PublicDomain.com UserHomeDomain.com
You can configure the group-policy to point to your internal domain name and use your internal DNS server. You might also want to add some split-dns suffixes indicating that you want to send the DNS requests for these domains to the dns-server that's learned from the tunnel.

group-policy <name> attributes
 dns-server value <internaldnsIP>
 default-domain value <internaldomain>
 split-dns value <internaldomain>

-heather
Please remember to rate posts and mark them as resolved if your question is answered.
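The suffix ordering and split-dns behaviour discussed in this thread, as an added example that is not part of the original posts and is not Cisco code: a simplified Python model of how a short host name is resolved. The host name `server`, both addresses and the assumption that the internal DNS server also answers public names are constructed for illustration.

```python
"""Simplified model of short-name resolution on a split-tunnel VPN client.
All records and addresses below are constructed sample data."""

# Constructed answers from the resolver on the user's home network.
PUBLIC_DNS = {"server.publicdomain.com": "203.0.113.10"}

# Constructed answers from the internal DNS server pushed by the
# group-policy. Assumption: it also recurses for public names.
TUNNEL_DNS = {**PUBLIC_DNS, "server.officecomputerdomain.com": "10.0.0.10"}


def pick_resolver(fqdn, split_dns):
    """split-dns: names under a listed domain are sent to the tunnel DNS
    server; every other name goes to the client's local resolver."""
    name = fqdn.lower().rstrip(".")
    for domain in split_dns:
        d = domain.lower()
        if name == d or name.endswith("." + d):
            return "tunnel", TUNNEL_DNS
    return "local", PUBLIC_DNS


def resolve_short_name(host, suffixes, split_dns):
    """Append each suffix in list order; the first name that resolves wins.
    Returns (fqdn, address, resolver_used) or None if nothing resolves."""
    for suffix in suffixes:
        fqdn = f"{host}.{suffix}"
        via, zone = pick_resolver(fqdn, split_dns)
        addr = zone.get(fqdn.lower())
        if addr:
            return fqdn, addr, via
    return None


if __name__ == "__main__":
    office, public = "OfficeComputerDomain.com", "PublicDomain.com"
    cases = [
        ("public suffix first", [public, office], [office]),
        ("office suffix first", [office, public], [office]),
        ("office first, no split-dns", [office, public], []),
    ]
    for label, suffixes, split in cases:
        print(f"{label:28} -> {resolve_short_name('server', suffixes, split)}")
```

The third case shows why the internal domain has to appear in split-dns as well as at the head of the suffix list: without it the internal name is sent to the local resolver, gets no answer, and the client falls through to the public suffix.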