VPN tunneled connections

Unanswered Question
Jun 27th, 2008

I have MAC VPN clients that successfully connect to an ASA5520. The ASA5520 is running 7.2(4) software. The MAC client is running 4.9.01 (0080) software. The clients are serviced internal IP addresses from the ASA5520 that are out of the range of our dhcp server serves to client. The DNS servers and domain are supplied within the Group Policy configuration. Clients can successfully browse internal websites no problem. Clients that need to browse external websites are extremely slow. Clients are required to browse websites through our infrastructure. Inside the routing configuration I configured a "tunneled" route I think routes all VPN clients out our company's Internet path. Is this what "tunneled" route means? Next I looked at the ASA log and see that these clients are trying to access their ISP's DNS server for external sites 1st, then they query the internal DNS servers. I of course, only allow our internal DNS servers to query external DNS servers. Why isn't the client querying our DNS servers only?

Last question, I tried using our DHCP server to serve VPN clients, but I was running into a problem with client not receiving the DNS servers from the DHCP server. The end goal would be to get the clients to successfully obtain DHCP information and to be able to browse internal and external websites.

Any suggestions would greatly be appreciated.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
purohit_810 Fri, 06/27/2008 - 18:45

Have you configured Split Tunnel for Internet?

DNS you IPs are you have to assign IPsec group. Have you assigned?

Let me know your configuration.. will give me better idea.

If you can i suggest install anyconnect client, If you have SSL licences. It is far better and faster then IPSec client.

Thanks,

Dharmesh Purohit

Actions

This Discussion