Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
783
Views
0
Helpful
0
Replies

ASA DNS Doctoring - Inside Users vs Remote Access VPN Users

Anisuzzaman Bipu
Level 1
Level 1

‎12-24-2012 08:39 AM - edited ‎02-21-2020 06:34 PM

I got to use the public dns servers located outside (8.8.8.8). Got a mail server connected to dmz interface with private ip address (192.168.31.x) statically mapped with a public address (182.150.150.y) along with dns doctoring enabled. Name resulation works right to get 192.168.31.x (dns re-write) for mail.mycompany.com for Internal LAN users. And 182.150.150.y is resulated for mail.mycompany.com from external Internet which is correct. So far no issue.

I got remote access vpn setup using same ASA to allow remote users access internal resources with split-tunneling enabled. VPN users are even using external dns servers. 182.150.150.y is always resulated for mail.mycompany.com from vpn users that causes the traffic being unencrypted and travelling over unsecured Internet.

Is there a work-around so vpn users can resulate private address (192.168.31.x) for mail.mycompany.com while using same external dns server?

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents