DNS at branch offices

Unanswered Question
Jul 15th, 2008

I have a HQ site located in the UK and all my main infrastructure is located within this site. At this site I have a VPN 3000 concentrator.

I am thinking of deploying a 878 router at our new branch office in Australia.

Now, since people in Australia will need to access stuff in the UK over the VPN link I need to give them some sort of DNS, I could either make them use their ISP dns servers or the dns servers in the UK.

I think with the latency between Australia/UK using the dns servers at the HQ site would not be a smart move, on the other hand if I use the ISP dns servers they won't be able to resolve domain.local.

I can't setup a new dns server in Australia, is there some way of doing some 'split dns' where I query the UK for domain.local and use the ISP dns servers for everything else?

Thanks in advance,


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
complinetnetworks Tue, 07/15/2008 - 06:29

Thanks for the reply. That example seems to be for a software vpn client. How would this apply to a router running IOS?

Thanks - Ben

Farrukh Haroon Tue, 07/15/2008 - 08:42

It shouldn't matter as long as its supported. The policies are defined at the EZVPN Server (Concentrator) and not the client.



complinetnetworks Mon, 07/21/2008 - 02:14

Hi again, I thought I would post my progress.

I have got everything working, however it does seem that you cannot do split-dns with split tunnels. I haven't tried this without the split tunnels yet, I guess this is a limitation of the software?

kgreenway Tue, 02/17/2009 - 00:50

Hi There,

I'm interested in hearing what solution you ended up using in the end. I'm at much the same point as you were. I have several VPN tunnels from remote locations (cisco 877's) to a Cisco PIX firewall.

I want queries to our Active Directory domain (abccompany.local) to pass to the local DNS, and all other queries to pass to public DNS servers.

Any examples you could give would be much appreciated.




This Discussion