Maintaining Internal DNS After Connecting to Client VPN

Answered Question
Apr 9th, 2010
User Badges:

We connect to client VPN's all day and I wanted to know if there is a way to still use our Internal LAN DNS while connected. For instance, when I connect to client A's VPN, our internal mail server and dns resolves to the public IP's.


Thanks

Correct Answer by Jennifer Halim about 7 years 2 months ago

You can configure split-dns feature, but that can only be configured at your client's vpn device because you are only connecting with vpn client and normally vpn client policies get pushed from the vpn headend device.


Here is the split-dns command if your client happens to run ASA firewall, and they allow you to configure it:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/s8.html#wp1404571

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jennifer Halim Fri, 04/09/2010 - 15:21
User Badges:
  • Cisco Employee,

You can configure split-dns feature, but that can only be configured at your client's vpn device because you are only connecting with vpn client and normally vpn client policies get pushed from the vpn headend device.


Here is the split-dns command if your client happens to run ASA firewall, and they allow you to configure it:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/s8.html#wp1404571

jgorman1977 Sat, 04/10/2010 - 08:08
User Badges:

Perfect. I administer the clients ASA, so this won't be an issue. Thank you.

Actions

This Discussion