DNS resolution on Anyconnect - multiple different internal DNS servers
We have multiple different internal windows AD domains within our network, that currently do not replicate their DNS zones between them.
Is there anyway with an ASA/anyconnect VPN to create a configuration so the ASA inspects the DNS lookups from a user connected via the anyconnect VPN client, and route it to a defined internal DNS server?
For example I have three internal AD domains site1.com with a dns server ip of 184.108.40.206 , site2.com 220.127.116.11, site3.com with a dns server ip of 18.104.22.168, when a user VPN's in and performs a dns lookup for the name server1.site1.com the ASA see's it is for site1.com and routes the lookup to 1.1.1., however when a user performs a dns lookup for server1.site2.com, the asa see's its is fro site2.com and routes the DNS lookup to 22.214.171.124.
Any thoughts on alteratives to over come the problem also welcome and/or if anyone can point me to a link that explains the function of "mulitple DNS server groups, which is located in the ASDM interface under Remote Access VPN->DNS (as I have not been able to find a plain english explanation of the function as I am unsure if this does what I am looking for)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...