06-03-2020 09:30 AM
Hi everyone,
Hope you are all doing well and stay safe at home.
This is my first time to set up Anyconnect with FMC/FTD. So far it seems my configuration works but with one problem I can see.
I used "REALM" so users can sign on by using their Active Directory accounts. However, the users can only access the servers by their IP but not the names.
In the GROUP POLICY, I did put in my internal DNS (objects with correct ip) there. So what else do I miss?
Thank you for your help in advance.
Takami Chiro
06-03-2020 09:56 AM
06-03-2020 10:36 AM
In my case not all Group policies have the problem. Group policy is assigned via Radius, and I had to create a new one for plant access. The setup for DNS servers, and default domain is identical to the STDEMPMPLOYE policy but the user cannot access a SQL database unless they type in a fully qualified name, and cannot access a share on an AD server without an IP address.
06-03-2020 04:13 PM
Hi thank you for replying to me.
when i do ipconfig /all, i can see my internal dns. When i do nslookup it points to my internal server... but if i tried to type in server1 or server1.mydomain.com it replied request time out.
besides my default domain there Is set w my active directory domain, mydomain.com
so what is the problem?
thank you
06-03-2020 11:04 PM
Are you doing split tunnel or tunnel all? If split tunnel, is the address of the internal DNS server included in the tunneled networks?
In both cases does the internal DNS server know how (via its gateway of course) to reach the subnet of your VPN clients?
06-04-2020 09:04 AM
Hi Marvin
thank you for your response. Yes i used split tunnel and only private networks in the tunnel. (I do not want End user home internet using the vpn)
for the second part... In my case my vpn address pool is 10.10.10.1-128/24 and my lan is 10.10.x.x /23... May I ask if i need to add some settings or route for that? If so where should I add to?
Thank you for your help!
Takami Chiro
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide