Cisco Support Community
Community Member

AnyConnect and client DNS registration within AD


Last week, we enabled our Microsoft DNS to permit the registration of clients. (For some reason this feature was not enabled.) Now we've noticed some strange but understandable behavior when our remote users log in to AnyConnect.


Joe Buck logs into our AnyConnect portal from home, is given an IP address from our ASA set pool say, his DNS is set to, Joe does an nslookup from his home PC and the result shows jbuck-homePC. Joe is running a Windows 7 client.

Joe disconnects from his session and Jane Doe logs in likewise. Jane receives the IP address, her DNS servers are set likewise, and Jane executes the nslookup command from her home computer and receives the response jbuck-homePC.

This is an issue that I'm trying to resolve. I'm thinking that Joe has his computer set to register with DNS and Jane does not. Regardless, I'm looking for a resolution where, for instance, if Joe Buck would terminate his SSL VPN session, our internal DNS would flush his DNS record.

Thought 1) Would Cisco have any command that I might be missing that can be set on the VPN config file?

Thought 2) Can I set up my ASA to pull addresses from my inside DHCP server from a specific scope?

Your thoughts?



Cisco Employee

Re: AnyConnect and client DNS registration within AD

Yes, you can configure the ASA to assign VPN client IP addresses from an internal DHCP server.

Here is the configuration guide for your reference:

Hope that helps.
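Added example, not part of the original thread or of the configuration guide the reply refers to: an ASA configuration fragment for the setup asked about in Thought 2, where AnyConnect clients get their addresses from an inside DHCP server and a specific scope. The tunnel-group name, group-policy name and all addresses are placeholders assumed for illustration.

```cisco
! Added example: all names and addresses below are placeholders.

! Prefer DHCP for remote-access address assignment and stop
! falling back to AAA-supplied addresses or a local pool.
vpn-addr-assign dhcp
no vpn-addr-assign aaa
no vpn-addr-assign local

! Group policy applied to the AnyConnect users. The scope value is the
! network number of the DHCP scope the server should allocate from.
group-policy RA-POLICY internal
group-policy RA-POLICY attributes
 dhcp-network-scope 198.51.100.0

! Connection profile: point it at the inside DHCP server and bind the
! group policy above. No "address-pool" line is configured here.
tunnel-group RA-VPN type remote-access
tunnel-group RA-VPN general-attributes
 default-group-policy RA-POLICY
 dhcp-server 192.0.2.10
```

With this in place the lease for each VPN session appears on the DHCP server under the named scope, so lease duration and any DNS record handling tied to leases are set on that scope rather than on the ASA.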
