Solved: split DNS on ASA 5510 remote access vpn not working

mbazan · ‎11-05-2009

I'm successfully connecting to the tunnel and can ping hosts remotely by IP but am unable to browse the internet from the VPN client. Also, host name resolution on remote end is not working .. can only connect via IP address. Ideas? Thanks again!

hdashnau · ‎11-05-2009

Your PTRAS group-policy has the correct split tunneling and split dns settings. But I think you are being assigned the DfltGrpPolicy rather than your PTRAS group-policy because the group-policy is not set in your tunnel group nor being passed from authentication.

Do a "show vpn-sessiondb remote" to confirm which group policy is being assigned To fix it, assign your PTRAS group policy to your tunnel group as follows:

tunnel-group general-attributes

default-group-policy PTRAS

-heather

View solution in original post

hdashnau · ‎11-05-2009

Your PTRAS group-policy has the correct split tunneling and split dns settings. But I think you are being assigned the DfltGrpPolicy rather than your PTRAS group-policy because the group-policy is not set in your tunnel group nor being passed from authentication.

Do a "show vpn-sessiondb remote" to confirm which group policy is being assigned To fix it, assign your PTRAS group policy to your tunnel group as follows:

tunnel-group general-attributes

default-group-policy PTRAS

-heather

mbazan · ‎11-05-2009

heather strikes again, thanks!