I can successfully connect to my office Cisco AnyConnect VPN but I have some trouble accessing the office network because I can't resolve some private domain names.
The private domains I have problems resolving are like "example.bcgov" I think the problem is that I don't get an 'X-CSTP-Split-DNS: bcgov" header from the VPN gateway, so my client uses my ISP DNS server to resolve these domains (which is wrong).
Is there anything special I need to do to request the "X-CSTP-Split-DNS" headers from the VPN gateway? Can I do anything to confirm that these headers are entirely missing from the gateway's responses? And how should I reconfigure the gateway so it sends these headers?
Thanks again for these details Marcin, I shared them with the VPN administrator. He says that the VPN gateway does normally append the "bcgov" suffix to the VPN DNS configuration, but I am still not seeing "bcgov" or X-CSTP-Split-DNS headers anywhere in the responses from the gateway:
Is it possible that the "bcgov" domain or X-CSTP-Split-DNS headers are sent only in some responses from the gateway and not others? (Could the gateway be configured with the "bcgov" domain but there is something about my communication with the gateway causing the domain to be omitted from these responses?)
Is there some auxiliary way that the gateway might be configured to append the "bcgov" suffix to the VPN DNS configuration? (Such that I am not seeing it in the responses from the gateway?) Thanks!
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...