Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3153
Views
0
Helpful
2
Replies

Dns Suffix which ASA distributes

nyanko-nt
Level 1
Level 1

‎09-14-2012 07:30 AM

We use ASA VPN (Cisco VPN Client and Anyconnect)

Note PC Physical interface
=====================================================
Domain Primary Dns Suffix:    xxxx.hogehoge.com
Physucal Interface Suffix List:         xxxx.hogehoge.com
                        hogehoge.com
                        hogehoge.co.jp
=====================================================

Dns Suffix which ASA distributes
=====================================================
hogehoge.co.jp
=====================================================

Connecting VPN with Cisco VPN Client(IPSec)
=====================================================
        Primary Dns Suffix  . . . . . . . : xxxx.hogehoge.com
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : hogehoge.co.jp
                                            xxxx.hogehoge.com
                                            hogehoge.com
                                            hogehoge.co.jp

=====================================================

Connecting VPN with AnyConnect(SSL VPN)
Can't see 'hogehoge.co.jp'(from ASA ?)
=====================================================
        Primary Dns Suffix  . . . . . . . : xxxx.hogehoge.com
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : hogehoge.co.jp
                                            xxxx.hogehoge.com
                                            hogehoge.com
=====================================================

When the same DNS Suffix is distributed, does the overlapping DNS Suffix disappear?
Is this the specification of Any Connect?

Labels:
0 Helpful
2 Replies 2

jonrojas
Level 1
Level 1

‎09-14-2012 08:32 AM

Hi,

AnyConnect or the VPN Client will just add the suffixes you specify on the ASA, so if you add one that is already on the computer you will see a duplicate, but it shouldn't affect functionality.

HTH

Jonnathan

0 Helpful

nyanko-nt
Level 1
Level 1
In response to jonrojas

‎09-20-2012 03:03 PM

We checked another Domain Suffix.


Windows IP Configuration

=====================================================
        Primary Dns Suffix  . . . . . . . : hogehoge.com
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : hogehoge1.com
                                            hogehoge2.com
                                            hogehoge3.com
                                            hogehoge4.com
=====================================================

Dns Suffix which ASA distributes
=====================================================
hogehoge3.com
=====================================================


Connecting VPN with AnyConnect(IPSec VPN)
=====================================================
        Primary Dns Suffix  . . . . . . . : hogehoge.com
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : hogehoge3.com
                                            hogehoge1.com
                                            hogehoge2.com
                                            hogehoge3.com
                                            hogehoge4.com
=====================================================


Connecting VPN with AnyConnect(SSL VPN)
Can't see 'hogehoge4.com'(Not Overlap DNS Suffix)
=====================================================
        Primary Dns Suffix  . . . . . . . : hogehoge.com
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : hogehoge3.com
                                            hogehoge1.com
                                            hogehoge2.com
                                            hogehoge3.com
=====================================================

Although the same DNS Suffix was made to distribute this time also, DNS Suffix which is not overlapped disappeared.

Why is this?

0 Helpful
Customers Also Viewed These Support Documents