cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
475
Views
0
Helpful
0
Comments
Carl Fitzsimmons
Beginner
Beginner

I am attempting to see how to enable Internal DNS Lookup before External Lookup for AnyConnect connected users. I have looked at this link https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/115753-dns-doctoring-asa-config.html#topic4 but I have not figured out how to setup NAT statements to enable DNS that would allow Internal DNS lookup before External DNS lookup.

We are using a 'VPN-Pool'

ip local pool VPN-Pool 10.8.40.200-10.8.40.220 mask 255.255.255.0

to set an address for VPN clients. DNS is enabled on Inside and Outside Interfaces. When you connect using AnyConnect you get nslookup responses for external sites but internal fails.

Figuring this out allows DNS Naming scheme we are using internally to be used when outside and VPN in.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers