Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
434
Views
0
Helpful
1
Replies

ASA site to site tunnel not apearing to pass DNS Info

fhill
Level 1
Level 1

‎08-21-2013 08:43 AM

                   Hello - We have two sites with ASA 5505s that connects back to corprate building via a site to site tunnel.  Up until today they were working fine. (over a year)  Today then do not seem to be resolving DNS to any servers.  ICMP works fine (ping, traceroute).  We can telnet using port 53 to any DNS server from the remote site.  We have many sites using the same configuration that continue to work fine. I used the packet capture feature on the ASA and DNS seems to be passing.  The only strange thing I see on the trace is "DNS: C ID=58602 OP=QUERY A NAME=wpad.atlanticare.org "  atlanticare.org is our Domain name but I have not idea what "wpad" is.    Any help is appreciated. Thanks -Frank

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-21-2013 09:56 AM

WPAD is Web Proxy AutoDiscovery protocol. Reference.

We would see this most commonly when the remote site's DHCP server was set to provide clients with a WPAD URL. When that is done, it will take precedence over the client's DNS configuration and possibly cause "regular" DNS lookups to fail.

0 Helpful
Customers Also Viewed These Support Documents