
Any Connect and client DNS registration within AD

jskrawczyk
Level 1

Hi,

Last week, we enabled our Microsoft DNS to permit the registration of clients. (For some reason this feature was not enabled.) Now we've noticed some strange but understandable behavior when our remote users log in to AnyConnect.

Example:

Joe Buck logs into our AnyConnect portal from home and is given an IP address from our ASA set pool, say 172.30.1.20; his DNS is set to 172.31.16.140, 172.31.16.30. Joe does an nslookup 172.30.1.20 from his home PC and the result shows jbuck-homePC. Joe is running a Windows 7 client.

Joe disconnects from his session and Jane Doe logs in likewise. Jane receives the IP address 172.30.1.20 and her DNS servers are set likewise to 172.31.16.140 and 172.31.16.30. Jane executes the command nslookup 172.30.1.20 from her home computer and receives the response jbuck-homePC.

This is an issue that I'm trying to resolve. I'm thinking that Joe has his computer set to register with DNS and Jane does not. Regardless, I'm looking for a resolution where, for instance, if Joe Buck would terminate his SSL VPN session, our internal DNS would flush his DNS record.

Thought 1) Would Cisco have any command that I might be missing that can be set on the VPN config file?

Thought 2) Can I set up my ASA to pull addresses from my inside DHCP server from a specific scope?

Your thoughts?

Sincerely

Jeff

1 Reply

Jennifer Halim
Cisco Employee

Yes, you can configure the ASA to assign the VPN client IP address from an internal DHCP server.

Here is the configuration guide for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/vpnadd.html#wp999516

Hope that helps.
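A sketch of the DHCP-based address assignment discussed in this thread, added here as an example and not taken from either post or from the linked guide. The tunnel-group and group-policy names and the DHCP server address 192.0.2.10 are placeholders; the scope 172.30.1.0 is assumed from the pool address in the question, and a matching scope is assumed to exist on the DHCP server.

```cisco
! Added example. ANYCONNECT-TG, ANYCONNECT-GP and 192.0.2.10 are placeholders.
!
! Allow the ASA to obtain VPN client addresses from a DHCP server.
vpn-addr-assign dhcp
!
! Point the connection profile at the internal DHCP server.
tunnel-group ANYCONNECT-TG general-attributes
 default-group-policy ANYCONNECT-GP
 dhcp-server 192.0.2.10
!
! Tell the DHCP server which scope to lease from for this group.
! The value is the network number of the scope (assumed here to be
! the 172.30.1.0 network the question's pool address came from).
group-policy ANYCONNECT-GP attributes
 dhcp-network-scope 172.30.1.0
```

With leases handed out by the internal DHCP server, lease lifetime and any DNS registration or cleanup the DHCP server performs are controlled on that server rather than on the ASA.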
