I am attempting to see how to enable Internal DNS Lookup before External Lookup for AnyConnect connected users. I have looked at this link https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/115753-dns-doctoring-asa-config.html#topic4 but I have not figured out how to set up NAT statements to enable DNS that would allow Internal DNS lookup before External DNS lookup.
We are using a 'VPN-Pool'
ip local pool VPN-Pool 10.8.40.200-10.8.40.220 mask 255.255.255.0
to set an address for VPN clients. DNS is enabled on Inside and Outside Interfaces. When you connect using AnyConnect you get nslookup responses for external sites but internal fails.
Figuring this out allows the DNS naming scheme we are using internally to be used when outside and VPN'd in.