Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

split DNS on ASA 5510 remote access vpn not working

I'm successfully connecting to the tunnel and can ping hosts remotely by IP but am unable to browse the internet from the VPN client. Also, host name resolution on remote end is not working .. can only connect via IP address. Ideas? Thanks again!

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: split DNS on ASA 5510 remote access vpn not working

Your PTRAS group-policy has the correct split tunneling and split dns settings. But I think you are being assigned the DfltGrpPolicy rather than your PTRAS group-policy because the group-policy is not set in your tunnel group nor being passed from authentication.

Do a "show vpn-sessiondb remote" to confirm which group policy is being assigned To fix it, assign your PTRAS group policy to your tunnel group as follows:

tunnel-group general-attributes

default-group-policy PTRAS

-heather

2 REPLIES
Cisco Employee

Re: split DNS on ASA 5510 remote access vpn not working

Your PTRAS group-policy has the correct split tunneling and split dns settings. But I think you are being assigned the DfltGrpPolicy rather than your PTRAS group-policy because the group-policy is not set in your tunnel group nor being passed from authentication.

Do a "show vpn-sessiondb remote" to confirm which group policy is being assigned To fix it, assign your PTRAS group policy to your tunnel group as follows:

tunnel-group general-attributes

default-group-policy PTRAS

-heather

New Member

Re: split DNS on ASA 5510 remote access vpn not working

heather strikes again, thanks!

1405
Views
0
Helpful
2
Replies
CreatePlease to create content