Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3760
Views
10
Helpful
4
Replies

ASA multiple dns server groups not work

Go to solution
Sergey Prishchepa
Spotlight
Spotlight

‎07-03-2019 01:56 AM

Hello!

I make multiple dns server groups for ASA5525 asa991-smp-k8.bin like this:

 

 

dns domain-lookup outside
dns domain-lookup inside
!
dns server-group DefaultDNS
name-server 192.168.1.1
name-server 192.168.1.2
domain-name dns1.com
!
dns server-group DNS2
name-server 192.168.2.1
name-server 192.168.2.2
domain-name dns2.com

Dns server-group DefaultDNS work fine, but dns server-group DNS2 does not work.

sh dns host host2.dns2.com
Name: host2.dns2.com (unresolved)

host2.dns2.com exists and nslookup is working from the network inside.


What is the problem?

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Karsten Iwen
VIP
VIP

‎07-04-2019 04:31 AM

I assume you have the wrong expectation on what the server-groups do. For each given function, only one server-group is used. The ASA uses the DefaultDNS group. The aim of having a second or more of these groups is to have different functions use different servers.

Example:

The ASA itself used DefaultDNS. But you host a clientless VPN-portal for two different customers. For each customer, you can configure one DNS-group so that they can access their internal resources.

--
If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

View solution in original post

4 Replies 4

Go to solution
Karsten Iwen
VIP
VIP

‎07-04-2019 04:31 AM

I assume you have the wrong expectation on what the server-groups do. For each given function, only one server-group is used. The ASA uses the DefaultDNS group. The aim of having a second or more of these groups is to have different functions use different servers.

Example:

The ASA itself used DefaultDNS. But you host a clientless VPN-portal for two different customers. For each customer, you can configure one DNS-group so that they can access their internal resources.

--
If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

Go to solution
Sergey Prishchepa
Spotlight
Spotlight
In response to Karsten Iwen

‎07-04-2019 06:21 AM

OK. If I add all servers for different domains in Default DNS, will it work?

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to Sergey Prishchepa

‎07-04-2019 07:57 AM

No, you have to solve this problem on the DNS-server. That server needs to resolve dns2.com or forward the request to the right name server.
--
If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

Go to solution
Sergey Prishchepa
Spotlight
Spotlight
In response to Sergey Prishchepa

‎07-04-2019 09:23 AM

Thanks a lot!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card