My ASA cannot connect to DNS server through IPSec VPN tunnel site-to-site

Hello forum,

My network infrastructure has a headquarters site and several branch offices. All ends use ASA firewalls. I use IPsec VPN tunnels between the remote sites and the HQ. Everything is working fine except the DNS configured in the ASAs at the branch offices. The DNS server and my monitoring software are located at the HQ site.

From the remote ASAs I cannot resolve FQDN objects; they cannot query my internal DNS servers. However, users at the remote sites can do so as normal.

In addition, I cannot find where to configure the source interface for DNS and SNMP traffic generated locally by the ASA. I think the problem is that I cannot get the traffic generated by the ASA to go through the VPN tunnel.

How can I resolve this problem? Please advise me! If there is any thread that had the same problem and was resolved, please give me a link.

Thank you,

Accepted Solutions
VIP Advisor

Include the public IP address

Include the public IP address of the remote ASA (remote from HQ) in the encryption domain and it will work.
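
The accepted answer as an ASA configuration sketch, added here as an example and not taken from the thread. The ASA sources its own DNS and SNMP packets from the address of the egress interface (here the branch outside interface), so that address must match the crypto ACL on both peers. All names and addresses are assumed placeholders: 203.0.113.10 as the branch ASA public IP, 10.2.0.0/24 as the branch LAN, 10.1.0.0/24 as the HQ LAN, 10.1.0.53 as the DNS server, plus the ACL and object names.

```text
! ---- Branch ASA (outside interface IP 203.0.113.10, assumed) ----
! Existing LAN-to-LAN entry (assumed)
access-list VPN-TO-HQ extended permit ip 10.2.0.0 255.255.255.0 10.1.0.0 255.255.255.0
! Added: traffic the ASA itself originates from its outside address
access-list VPN-TO-HQ extended permit ip host 203.0.113.10 10.1.0.0 255.255.255.0
!
! DNS lookups leave via the outside interface toward the internal server at HQ
dns domain-lookup outside
dns server-group DefaultDNS
 name-server 10.1.0.53
!
! ---- HQ ASA ----
! Mirror entries: the crypto ACLs on both peers must match
access-list VPN-TO-BRANCH extended permit ip 10.1.0.0 255.255.255.0 10.2.0.0 255.255.255.0
access-list VPN-TO-BRANCH extended permit ip 10.1.0.0 255.255.255.0 host 203.0.113.10
!
! Exempt the replies from NAT (assumes HQ applies PAT to inside hosts)
object network HQ-LAN
 subnet 10.1.0.0 255.255.255.0
object network BRANCH-ASA-OUTSIDE
 host 203.0.113.10
nat (inside,outside) source static HQ-LAN HQ-LAN destination static BRANCH-ASA-OUTSIDE BRANCH-ASA-OUTSIDE no-proxy-arp route-lookup
!
! ---- Verify on either peer ----
! Look for an SA whose local/remote ident includes 203.0.113.10
show crypto ipsec sa peer <peer-public-ip>
```

The added entries can be narrowed to the specific HQ hosts the ASA needs (DNS server, monitoring station) instead of the whole HQ LAN, as long as the ACLs on both peers stay mirrored.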
