08-16-2017 03:27 PM - edited 02-21-2020 09:24 PM
Hey all,
I have a hostname that needs to be available both inside and outside our network on the same name. If a user is outside our network, I need them to resolve the name to a public address even when connected via AnyConnect client. Is there a way to intercept the DNS query and return the public address? I'm open to ideas.
Thanks,
Patrick
08-16-2017 11:37 PM
The only thing I have in mind is to utilize the DNS inspection on the ASA and drop the query that has that name in the questions section.
Moh,
08-16-2017 11:44 PM
You can drop the query when coming from the client pool. Look at this example:
https://www.tunnelsup.com/using-just-a-cisco-asa-to-block-specific-websites/