04-30-2010 11:23 AM - edited 03-04-2019 08:20 AM
Hello,
I have a remote office that has an 871W and that's using a site-to-site VPN to an ASA 5505. Currently all DNS traffic is going to the main office for resolution. Is it possible to configure a split DNS so internal lookups continue across the VPN, but external requests use the remote office ISP?
I do have split tunneling enabled, but I can't figure out how to split the DNS.
Thanks!
04-30-2010 05:30 PM
Hi,
I've done this in the ASA or Concentrator.
On the ASA you have the option to configure split-dns in environments with split tunneling.
You go under the group-policy to configure the list of domains to be resolved through the
split tunneling.
group-policy sales attributes
split-dns value example.com
I've never done it in IOS routers, but it seems that it can be done.
Hope this link helps:
http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/htspldns.html
Federico.
05-02-2010 01:15 PM
Hi,
I have been trying to get the same feature working and at last succeeded. I've posted my config below which was added on an 877W, so should be good for you in your scenario too.
ACL 101 is my inbound ACL against Dialer0 interface.
Thanks,
Kevin
interface BVI1
ip dns view-group mycomp_viewlist
ip dns view mycomp
domain name-server 192.168.1.x
domain name-server 192.168.1.x
dns forwarder 192.168.1.x
dns forwarder 192.168.1.x
dns forwarding source-interface BVI1
ip dns view default
domain name-server 212.x.x.x
domain name-server 212.x.x.x
dns forwarder 212.x.x.x
dns forwarder 212.x.x.x
dns forwarding source-interface BVI1
ip dns view-list default
ip dns view-list mycomp_viewlist
view mycomp 5
restrict name-group 10
view default 10
ip dns name-list 10 permit .*.mycomp.CO.UK
ip dns server
access-list 101 permit udp host 212.x.x.x eq domain any gt 1023
access-list 101 permit udp host 212.x.x.x eq domain any gt 1023
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide