09-10-2018 02:08 PM
Folks,
I have a simple site-to-site VPN setup using ASAs. We had overlapping address space on both sides; therefore, we are doing NAT as the traffic traverses the IPsec tunnel.
Since the VPN tunnel is between two different organizations, they do not want to point to each other's DNS for resolution, to safeguard themselves.
My question is: what is the most scalable solution for this problem? Creating LMHost files on the hosts is not an option as there are many hosts.
I will surely rate any helpful answer.
09-10-2018 02:18 PM
Hi,
You could configure a namespace within your DNS pointing to the NATted IP address of the remote servers, assuming you've set up static 1-2-1 NAT.
What resources are you attempting to access over the VPN? If you are attempting to do anything with AD (like an AD trust relationship), this won't work, as it will always attempt to connect to the real IP address.
HTH
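The approach in the reply above, as an added example that is not part of the original post: a locally hosted zone for the remote organization's names, with A records generated from the static 1-to-1 NAT mapping so that only translated addresses are published. The domain, name server, subnets and host names are constructed placeholders, and the zone text assumes a BIND-style zone file.

```python
import ipaddress

# Constructed sample data (hypothetical): static 1-to-1 NAT rules as
# (real subnet, mapped subnet seen across the tunnel) and the remote hosts' real IPs.
NAT_RULES = [("10.1.1.0/24", "172.16.50.0/24")]
REMOTE_HOSTS = {"app01": "10.1.1.10", "db01": "10.1.1.20", "old01": "10.9.9.5"}


def translate(real_ip, nat_rules):
    """Return the mapped address for real_ip, or None if no static rule covers it."""
    ip = ipaddress.ip_address(real_ip)
    for real_net, mapped_net in nat_rules:
        real = ipaddress.ip_network(real_net)
        mapped = ipaddress.ip_network(mapped_net)
        if real.prefixlen != mapped.prefixlen:
            raise ValueError(f"{real_net} -> {mapped_net} is not a 1-to-1 mapping")
        if ip in real:
            # Keep the host offset, swap the network part.
            offset = int(ip) - int(real.network_address)
            return str(mapped.network_address + offset)
    return None


def build_zone(domain, hosts, nat_rules, ns="ns1.local.example.", ttl=300):
    """Build zone-file text for `domain`; return (zone_text, skipped_hosts)."""
    lines = [
        f"$ORIGIN {domain}.",
        f"$TTL {ttl}",
        f"@ IN SOA {ns} hostmaster.{domain}. (1 3600 600 86400 {ttl})",
        f"@ IN NS {ns}",
    ]
    skipped = []
    for name, real_ip in sorted(hosts.items()):
        mapped = translate(real_ip, nat_rules)
        if mapped is None:
            # Never publish an untranslated address: it overlaps local space.
            skipped.append(name)
            continue
        lines.append(f"{name} IN A {mapped}")
    return "\n".join(lines) + "\n", skipped


if __name__ == "__main__":
    zone, skipped = build_zone("partner.example", REMOTE_HOSTS, NAT_RULES)
    print(zone)
    print("; no NAT rule for:", ", ".join(skipped))
```

Hosts without a matching static rule are reported instead of being written to the zone, because a record holding the real address would resolve to a local host in the overlapping range.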
09-10-2018 02:22 PM
Thanks for your response. There is no AD involved, just static 1-2-1 mappings.
How can I create a space in my DNS? They have a different domain? Can you please elaborate?
09-10-2018 02:26 PM