Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1806
Views
0
Helpful
1
Replies

Remote Access VPN DNS

Go to solution
haggittmark@tm-america.com
Level 1
Level 1

‎06-09-2020 09:04 AM

In our VPN setup show below, I discovered that we do not have a DNS entry for VPN. I want to add the internal DNS server. (I think the lack of the DNS entry might be why we use HOST files to point to internal servers). However, the domain name listed in the picture, tma.com, does not match our internal domain name. The domain name listed, tma.com, is actually what someone has entered into all the switches. Does this matter? Can I change the domain name to match our actual domain name without messing something up.

Labels:
Preview file
181 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎06-09-2020 08:00 PM

Hi

You can configure the correct domain name with your resolvers and validate anyconnect configuration to send query for this domain through the tunnel if you have a split tunnel.
It doesn’t matter what domain name you have on your switches for the vpn part.
You can also change the domain on switches if you want to resolve fqdn names on them. However, if you don’t have a rsa generated for your ssh specifically on your switches, by default it is linked with your switch hostname and domain name, so you’ll need to change it as well (but this is for switches).

Again for anyconnect users, no impact with what configured on switches.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎06-09-2020 08:00 PM

Hi

You can configure the correct domain name with your resolvers and validate anyconnect configuration to send query for this domain through the tunnel if you have a split tunnel.
It doesn’t matter what domain name you have on your switches for the vpn part.
You can also change the domain on switches if you want to resolve fqdn names on them. However, if you don’t have a rsa generated for your ssh specifically on your switches, by default it is linked with your switch hostname and domain name, so you’ll need to change it as well (but this is for switches).

Again for anyconnect users, no impact with what configured on switches.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful
Customers Also Viewed These Support Documents