https://community.cisco.com/t5/network-security/dns-problem-in-anyconnect-client/m-p/1979304#M401540 <P>I configured the Anyconnect vpn on the ASA device and I enabled split tunneling with ACE rules to tunnel traffic that matches my INTERNAL and DMZ networks.</P><P></P><P>I set the DNS server to my ISP's provider.</P><P></P><P>I can't seem to get any dns when connected with a client, only workaround I have is to put my DNS to 8.8.8.8 and it will work.</P><P></P><P>My goal is I would like to use either the dns of the client, or send dns through my asa and use my internal dns.</P><P></P><P>I don't want to put DNS1 as my ISP's, and DNS2 as a public DNS... I find it messy.</P><P></P><P>I've provided print screens to show my set up with ASDM.</P> Mon, 11 Mar 2019 23:35:23 GMT Brendan Wood 2019-03-11T23:35:23Z https://community.cisco.com/t5/network-security/dns-problem-in-anyconnect-client/m-p/1979304#M401540 <P>I configured the Anyconnect vpn on the ASA device and I enabled split tunneling with ACE rules to tunnel traffic that matches my INTERNAL and DMZ networks.</P><P></P><P>I set the DNS server to my ISP's provider.</P><P></P><P>I can't seem to get any dns when connected with a client, only workaround I have is to put my DNS to 8.8.8.8 and it will work.</P><P></P><P>My goal is I would like to use either the dns of the client, or send dns through my asa and use my internal dns.</P><P></P><P>I don't want to put DNS1 as my ISP's, and DNS2 as a public DNS... I find it messy.</P><P></P><P>I've provided print screens to show my set up with ASDM.</P> Mon, 11 Mar 2019 23:35:23 GMT https://community.cisco.com/t5/network-security/dns-problem-in-anyconnect-client/m-p/1979304#M401540 Brendan Wood 2019-03-11T23:35:23Z https://community.cisco.com/t5/network-security/dns-problem-in-anyconnect-client/m-p/1979305#M401541 <HTML><HEAD></HEAD><BODY><P>Brendan, </P><P></P><P>So you dont want your DNS to be tunneled is that correct?</P><P></P><P></P><P>Mike</P></BODY></HTML> Fri, 27 Jul 2012 07:32:24 GMT https://community.cisco.com/t5/network-security/dns-problem-in-anyconnect-client/m-p/1979305#M401541 Maykol Rojas 2012-07-27T07:32:24Z https://community.cisco.com/t5/network-security/dns-problem-in-anyconnect-client/m-p/1979306#M401542 <HTML><HEAD></HEAD><BODY><P>Yeah I'm asking 2 things here.&nbsp; I want to learn how to do this both ways.</P><P></P><P>First of all, How can I tunnel that dns request so it hits my isp's server through my own network?&nbsp; My ISP's dns's are only accessible to people directly on the network so I assume it needs to be tunnelled and natted or something like that.</P><P></P><P>Also, is there a way to set up the vpn so that my client will use it's own dns it was using prior to connecting to easyvpn?&nbsp; Eg:&nbsp; if I was on a cell phone using the cell phone provider's dns, I want to still use the same dns and tunnel only my lan/dmz traffic.</P><P></P><P>Thanks.</P></BODY></HTML> Fri, 27 Jul 2012 14:59:37 GMT https://community.cisco.com/t5/network-security/dns-problem-in-anyconnect-client/m-p/1979306#M401542 Brendan Wood 2012-07-27T14:59:37Z https://community.cisco.com/t5/network-security/dns-problem-in-anyconnect-client/m-p/1979307#M401543 <HTML><HEAD></HEAD><BODY><P>Hi Bro</P><P>You'll need to enable the split dns command available in your Cisco ASA FW. Here's a sample</P><P></P><P>group-policy NETWORK_ADMIN attributes</P><P> dns-server value 10.10.10.4 202.188.1.5</P><P> split-tunnel-policy tunnelspecified</P><P> split-tunnel-network-list value ACL_NETWORK_ADMIN</P><P> default-domain value cisco.com</P><P> split-dns value cisco.com</P><P></P><P>P/S: If you think this comment is helpful, please do rate them nicely <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P></BODY></HTML> Sun, 29 Jul 2012 03:31:21 GMT https://community.cisco.com/t5/network-security/dns-problem-in-anyconnect-client/m-p/1979307#M401543 Ramraj Sivagnanam Sivajanam 2012-07-29T03:31:21Z