VPN Client DNS Issue

rmessina
Level 1

Our employees use a Cisco IPsec client to connect to our 5520 for VPN connectivity. This system has been up and working for 3 years. Now we're getting intermittent DNS issues reported. When an employee connects from home, sometimes the employee's computer will use their ISP's DNS servers instead of our internal DNS servers that are listed in the group profile. This does not happen every time. Are ISPs starting to do something that is affecting the way DNS works over VPN? Please help.

5 Replies

mvsheik123
Level 7

Hi Randy,

Not that I am aware of from the ISP point of view. Did you try reinstalling the client on the clients with issues? The VPN adapter DNS should take priority.

Thx

MS

Yes, we've tried different clients, both Cisco and third party, with the same result.

Patrick0711
Level 3

If no split DNS domains are specified, then only the VPN DNS server should be used. Does this affect all users or just one?

It affects some users, not all. It's very difficult to recreate. Split tunneling is enabled, and a default domain is specified. I'm not sure about the split DNS domains. Where is that configured in the ASDM?

This is the group policy

group-policy xxxxx attributes
 wins-server value 10.20.16.5 10.20.16.6
 dns-server value 10.20.16.3 10.20.16.4
 vpn-tunnel-protocol IPSec l2tp-ipsec
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value xxxxx_splitTunnelAcl_2
 default-domain value xxxxxx.com
