I have an internal DNS server that works perfectly when I use it to resolve names at a workstation. I also added an external DNS server as the secondary DNS server in the configuration settings Configuration -> System -> Servers -> DNS.
This unit has the same filters applied that the unit had when it was fresh out of the box.
Any ideas as to why the unit cannot resolve DNS names would be of great help.
Re: Trouble with DNS resolution on VPN Concentrator
The Public interface has the public filter applied to it by default. This filter is very restrictive and only allows encrypted type packets in (ESP, PPTP, L2TP, etc) and pings. You'd have to create rules for DNS traffic and then add them to the public filter for an external DNS server to work (under Config - Policy Mgmt - Traffic Mgmt - Rules and Filters).
As for why your internal DNS server doesn't resolve properly, I have no idea. Check to make sure the private filter or no filter is applied to the private interface, and that the private filter (if applied) hasn't been changed from its default rules of Any In and Any Out (under the same section as above).