Our oganisation is having an issue with remote access ipsec vpns from iphones to a ASA firewall. Currently we are able to intiate a VPN and get IP connectivity through the VPN. However we are unable to resolve dns using the internal dns servers. We need this so we can resolve intranet.companyname.local.
I have seen posts in forums mentioning the following but I have been unable to confiirm -
- Apple reserve .local so anything on this domain won't resolve
- Internal DNS won't work on the iPhone cisco VPN client
- There is a bug in version 4 with the Cisco VPN
While troubleshooting I turned on split tunneling and split DNS and can browse to the internet while this is enabled but not to internal sites.
The DNS servers are pingable from the iPhone it just seems it does not use internal DNS servers even though they are in the group policy.
group-policy iPhone attributes dns-server value 10.x.x.x 10x.x.x
split-tunnel-policy tunnelall default-domain value companyname.local split-dns value companyname.local
- iPhone3 version 4.X
- ASA 5520 running 8.2(1)
We would like to tunnel everything ( no split tunneling ) and resolve DNS from our interneral servers once the VPN is enabled from the iPhone. This way we can browse to our internal servers. Any suggestion/answers or similar issues?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...