cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3323
Views
0
Helpful
1
Replies

Push a DNS Suffix Search List for a IPSEC Client on ASA 8.3

wbarboza
Level 1
Level 1

Hi all,

Is there a way to push a DNS Suffix Search List for IPSEC Clients on ASA 8.3 so that if I ping a hostname it will search multiple domain names in the DNS? For example, if i ping myhost and the DNS Suffix Search List contains mydomain1.com and ny.mydomain.com, it would look for

myhost.mydomain1.com

myhost.ny.mydomain1.com

So far only the default domain enters the list.

I tried split-dns, but none of the domains I configured enters the list... I am using tunnel-all option...

Regards,

1 Reply 1

wbarboza
Level 1
Level 1

I have found the answer. But I had to use an ACS for doing that. It was just by using VPN 3000 Radius attribute CVPN3000-IPSec-Default-Domain and then, assigning all of the domain names separated by commas (,) like: cisco.com,sj.cisco.com,nc.cisco.com. ASA doesn`t accept commas...

That`s it...