Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1613
Views
0
Helpful
4
Replies

Split-dns configuration

erga
Level 1
Level 1

‎04-10-2018 12:29 PM - edited ‎03-12-2019 05:11 AM

I need the VPN users to access one specific server externally

What I have done specify the internal domain to the splig-dns configuration.

I have not configured any access-list, as I need the users to resolve the server domain name to the external IP.

 

Any insight on this, is there a workaround

 

ASA 5525x

Anyconnect 4.4

 

Thanks in advance

Labels:
0 Helpful
4 Replies 4

Mohammed al Baqari
Level 11
Level 11

‎04-10-2018 10:22 PM

In you group-policy disable dns-tunnel-all and specific domains which you
want to resolve using AnyConnect VA.

group-policy exmaple attributes
dns-server value 10.150.1.50
split-dns value domain1.com domain2.com
split-tunnel-all-dns disable
0 Helpful

erga
Level 1
Level 1
In response to Mohammed al Baqari

‎04-11-2018 04:43 AM

Thank you, but that is not working. I also set up split tunneling and anyconnect is dropping all the traffic that is not going through the tunnel.


0 Helpful

Mohammed al Baqari
Level 11
Level 11
In response to erga

‎04-11-2018 05:07 AM

Share your config
0 Helpful

erga
Level 1
Level 1
In response to Mohammed al Baqari

‎04-11-2018 05:17 AM

group-policy X.X.X.X attributes

dns-server value X.X.X.X

........

split-tunnel-policy tunnelspecified

split-tunnel-network-list value Internal

.......

split-dns value MYDOMAIN.COM

split-tunnel-all-dns disable

......




0 Helpful
Customers Also Viewed These Support Documents