02-22-2017 07:17 AM
Hello
I have successfully configured a smart-tunnel process (mstsc.exe) which works great using IP address. (ASA Code 9.6)
e.g.
when connected to my client-less VPN I can open my local remote desktop manager within Windows then enter IP address of the internal PC / server etc ...this connects just fine.
I am unable to get this working using the DNS name (fqdn) of the PC or server, e.g. from within my remote desktop connection I enter pc123 or pc123.domain.com - this fails to connect.
from the ASA I can ping using fqdn or the above PC / server without any issues.
Can you help?
Jim,
Solved! Go to Solution.
02-22-2017 11:31 AM
Do you have some smart tunnel network policy in place to allow access to only certain networks internally?
02-22-2017 11:31 AM
Do you have some smart tunnel network policy in place to allow access to only certain networks internally?
02-23-2017 03:16 AM
Yes I believe i do Rahul
There is a smart-tunnel application list containing mstsc.exe and also a smart-tunnel network policy that contains the subnet for the DNS server - this is enabled on the group policy
on the smart-tunnel network policy the tunnel option is set to "use smart tunnel for the specified network"
Cheers
Jim
02-23-2017 03:43 AM
02-23-2017 03:53 AM
Yes good spot Rahul,
I will add the /32 IP address and hostname to the network list and update you soon.
Thanks again.
Jim
02-23-2017 07:58 AM
Hi Rahul
Thanks for pointing me in the right direction - I got this working by adding the (star.domain.com) *.domain.com to the smart tunnel network list
I can now RDP to any machine on the LAN e.g. PC123.domain.com
My next challenge will be to get this working minus the full domain name e.g. PC123
I have marked this as correct and 5/5 for your help.
Cheers
Jim.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide