cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3135
Views
0
Helpful
2
Replies

Dns Suffix which ASA distributes

nyanko-nt
Level 1
Level 1

We use ASA VPN (Cisco VPN Client and Anyconnect)

Note PC Physical interface
=====================================================
Domain Primary Dns Suffix:    xxxx.hogehoge.com
Physucal Interface Suffix List:         xxxx.hogehoge.com
                        hogehoge.com
                        hogehoge.co.jp
=====================================================

Dns Suffix which ASA distributes
=====================================================
hogehoge.co.jp
=====================================================

Connecting VPN with Cisco VPN Client(IPSec)
=====================================================
        Primary Dns Suffix  . . . . . . . : xxxx.hogehoge.com
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : hogehoge.co.jp
                                            xxxx.hogehoge.com
                                            hogehoge.com
                                            hogehoge.co.jp

=====================================================

Connecting VPN with AnyConnect(SSL VPN)
Can't see 'hogehoge.co.jp'(from ASA ?)
=====================================================
        Primary Dns Suffix  . . . . . . . : xxxx.hogehoge.com
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : hogehoge.co.jp
                                            xxxx.hogehoge.com
                                            hogehoge.com
=====================================================

When the same DNS Suffix is distributed, does the overlapping DNS Suffix disappear?
Is this the specification of Any Connect?

2 Replies 2

jonrojas
Level 1
Level 1

Hi,

AnyConnect or the VPN Client will just add the suffixes you specify on the ASA, so if you add one that is already on the computer you will see a duplicate, but it shouldn't affect functionality.

HTH

Jonnathan

We checked another Domain Suffix.


Windows IP Configuration

=====================================================
        Primary Dns Suffix  . . . . . . . : hogehoge.com
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : hogehoge1.com
                                            hogehoge2.com
                                            hogehoge3.com
                                            hogehoge4.com
=====================================================

Dns Suffix which ASA distributes
=====================================================
hogehoge3.com
=====================================================


Connecting VPN with AnyConnect(IPSec VPN)
=====================================================
        Primary Dns Suffix  . . . . . . . : hogehoge.com
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : hogehoge3.com
                                            hogehoge1.com
                                            hogehoge2.com
                                            hogehoge3.com
                                            hogehoge4.com
=====================================================


Connecting VPN with AnyConnect(SSL VPN)
Can't see 'hogehoge4.com'(Not Overlap DNS Suffix)
=====================================================
        Primary Dns Suffix  . . . . . . . : hogehoge.com
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : hogehoge3.com
                                            hogehoge1.com
                                            hogehoge2.com
                                            hogehoge3.com
=====================================================

Although the same DNS Suffix was made to distribute this time also, DNS Suffix which is not overlapped disappeared.

Why is this?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: