Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1001
Views
5
Helpful
4
Replies

Anyconnect on chromeos - DNS question

Kdedesko
Level 1
Level 1

‎02-28-2019 08:58 PM

Quick question. Can't find the answer.  When a chromebook user brings up a vpn using the anyconnect client to an ASA, I assume the DNS server the client now uses would be the one the ASA specifies, so internal corporate URLs can be resolved.

 

Can someone confirm this ?

 

Thanks.

 

 

 

Labels:
4 Replies 4

marce1000
VIP
VIP

‎03-01-2019 02:29 AM

 

 - And your experience is ?

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Kdedesko
Level 1
Level 1
In response to marce1000

‎03-01-2019 07:15 AM

My experience with chromebooks is zero.  We only provide the solutions in a supported manner for windows, linux, mac clients.

 

Logic would tell me that the dns that the ASA would tell the client t ouse would over-ride the local one (how else woul you access internal urls), but I need be certain.

 

The various forums about Chromebook Anyconnect talk about not being able to resolve internal urls after a certain version, etc.

0 Helpful

marce1000
VIP
VIP
In response to Kdedesko

‎03-01-2019 10:15 AM

>...

>Logic would tell me that the dns that the ASA would tell the clientt  use would over-ride the local one (how else woul you access internal urls), but I need be certain.

  - That will normally be the case since the VPN normally uses a kind of 'virtual network interface' which will use the DNS-servers of the ASA. But if you need to be certain, better to test with a chromeos based test device.

M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

vialikasielec
Level 1
Level 1

‎07-12-2019 08:16 AM

Hi.

 

I have an experience of using Anyconnect on a Pixelbook. DNS name resolution turned out to be quite tricky and I would divide it into three parts:

1. ChromeOS itself uses DNS servers provided by Anyconnect and resolves names properly.

2. Linux applications provided by Crostini could not resolve hostnames before ChromeOS 75. Now they can and i did not run into any issues with this so far.

3. Android applications could resolve hostnames before ChromeOS 75 but this seems to be broken with the latest upgrade. Still traffic generated by Android apps is routed through the VPN tunnel, only DNS is impacted.

 

I basically hope to hear from someone from Cisco on this forum what is the status current status of ChromeOS Anyconnect app and how we can restore its operation.

 

Note that if you use Android Anyconnect application on a Chromebook, other Android applications will resolve hostnames but Linux applications will not be able to reach anything via the tunnel as of now.

 

HTH,

Andrei

0 Helpful
Customers Also Viewed These Support Documents