
Anyconnect split tunnel and dns issue

abhisar patil
Level 1

Hi

I configured AnyConnect and am doing split tunneling for 4 internal websites. After connecting, the VPN adapter gets routes for the 4 servers. So far OK.

Now when we try to connect to any URL, the URLs cannot be resolved. How can we fix this issue? I want all DNS requests to come to the ASA without adding the DNS IP to the split tunnel.

Is it doable, or do we need to add the DNS IP to the split tunnel list? It

Please suggest.

3 Replies

Florin Barhala
Level 6
Are you pushing a DNS server from AnyConnect to the clients? If YES, if you push a DNS behind the ASA this should do the trick (although you will see the DNS_server IP in the routing table of your client).

Bogdan Nita
VIP Alumni

If you are pushing the DNS servers from AnyConnect, they will be automatically added to the split tunnel list. You can verify this by connecting to the VPN, going to Settings and then the Route Details tab; you should see /32 addresses for the DNS servers in the secured routes section.

HTH

Bogdan

Add your internal DNS servers to the group-policy that is assigned to the AnyConnect user. Replace the IPs in the example with your own DNS server IPs.

group-policy GrpPolicy-Name attributes
dns-server value 10.10.10.1 10.10.10.2

--
Please remember to select a correct answer and rate helpful posts
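
A client-side version of the check Bogdan describes, as an added example that is not part of the original thread: it parses Windows `route print -4` output and reports whether each DNS server is reached through the VPN adapter or leaves via the local network. The sample route table, the adapter address 172.16.50.7 and the function names are constructed for illustration, and Windows as the client OS is an assumption.

```python
import ipaddress
import re

# Constructed `route print -4` excerpt from a split-tunnel client. 10.10.10.1 is
# one of the thread's example DNS IPs; every other address is made up.
SAMPLE_ROUTE_PRINT = """\
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.50     25
       10.10.10.1  255.255.255.255      172.16.50.1     172.16.50.7      2
      10.20.30.41  255.255.255.255      172.16.50.1     172.16.50.7      2
      192.168.1.0    255.255.255.0          On-link    192.168.1.50    281
"""

IP = r"(\d+\.\d+\.\d+\.\d+)"
ROUTE_RE = re.compile(rf"^\s*{IP}\s+{IP}\s+\S+\s+{IP}\s+(\d+)\s*$")


def parse_routes(text):
    """Return (network, interface_ip, metric) tuples from route print text."""
    routes = []
    for line in text.splitlines():
        m = ROUTE_RE.match(line)
        if m:
            net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}", strict=False)
            routes.append((net, ipaddress.ip_address(m.group(3)), int(m.group(4))))
    return routes


def egress_interface(routes, dest):
    """Longest-prefix match, lowest metric on ties; None if nothing matches."""
    dest = ipaddress.ip_address(dest)
    hits = [r for r in routes if dest in r[0]]
    if not hits:
        return None
    return min(hits, key=lambda r: (-r[0].prefixlen, r[2]))[1]


def dns_tunnel_report(route_text, vpn_adapter_ip, dns_servers):
    """Map each DNS server to True if its queries leave via the VPN adapter."""
    routes = parse_routes(route_text)
    vpn = ipaddress.ip_address(vpn_adapter_ip)
    return {dns: egress_interface(routes, dns) == vpn for dns in dns_servers}


if __name__ == "__main__":
    report = dns_tunnel_report(SAMPLE_ROUTE_PRINT, "172.16.50.7",
                               ["10.10.10.1", "10.10.10.2"])
    for server, tunneled in report.items():
        print(f"{server}: {'tunneled' if tunneled else 'NOT tunneled'}")
```

In the constructed table only 10.10.10.1 has a /32 route on the VPN adapter, so 10.10.10.2 falls through to the default route and is reported as not tunneled.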