I am setting up a new ASA 5510 with v8 software. I have L2TP-IPSec clients using the Microsoft Client to connect. Once connected, the client receives an IP, DNS server and WINS servers, but the Domain Name for the "Connection Specific DNS Suffix" is blank. How can I get the clients to pick up the DNS suffix?
Also when I do an nslookup hostname, the response is coming from the DNS servers attached to my LAN Adapter, not the VPN Adapter.
group-policy DefaultRAGroup internal
group-policy DefaultRAGroup attributes
 wins-server value 192.168.1.2 192.168.11.10
 dns-server value 192.168.1.2 192.168.11.10
 vpn-tunnel-protocol IPSec l2tp-ipsec
 split-tunnel-network-list value DefaultRAGroup_splitTunnelAcl
One thing you may try on the ASA is to set the 2nd and 3rd DNS server to the same as the first one. If you are running a split tunnel the requests could go to the ISP's DNS servers. Another thing to try, for troubleshooting, would be to do a dedicated connection (no split tunnel) and see if that helps clear up any of the problems.
I wasn't able to get the L2TP setup to work as I expected. It seems to me that, while it is supported, the implementation of all the features is not as robust as just using the Cisco client. I had been using Microsoft RAS' implementation of L2TP and it worked great, but I wanted to get away from the server requirement. I was never able to get a Vista L2TP client to connect to the Cisco ASA.
I'm switching over to Cisco client with just IPSec.