cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3855
Views
0
Helpful
4
Replies

[RA] Local IP Pool address assignment and Dynamic DNS

joan.ballaud
Level 1
Level 1

Hello Cisco ASA experts,

I am using Cisco ASA 8.4 and AnyConnect 3.0 to provide remote access to the corporate users. My question is concerning the IP address assignment.

I need a provide an IP from a local IP pool (managed by ASA) so I declared an internal address pool and I target this local IP pool in my AnyConnect Ceonnection Profile:

ip local pool RAPool 192.168.32.2-192.168.47.254 mask 255.255.240.0

(...)

tunnel-group RATest general-attributes

address-pool RAPool

(...)

dhcpd dns xxxx xxxx

dhcpd wins xxxx xxxx

dhcpd domain xxxx

dhcpd update dns

Doing this my remote users keep unreferred on my corporate DNS server. So it seams my dhcpd with dynamic DNS parameters does not trigger using the local ip address assignment.

Is there a way to update my DNS Server while using an local IP pool on ASA for Remote access VPN ?

4 Replies 4

shanewolfe
Level 1
Level 1

Joan,

 

Did you ever get a resolution on this?  I am having the same problem.  

 

Shane 

 

 

Shane,

My solution is to forward the remote user access DHCP  request to our internal corporate DHCP/DNS directly. So the DNS entry is correctly updated when the ASA generate the DHCP request for the Remote User.

There is no solution to update the corporate DNS using the ASA internal IP Pool.

Using an external DHCP server to distribute IP addresses to the remote user requires defining the DHCP server IP in the Connection Profile, setting the DHCP scope in the associated Group Policy and activating the Use DHCP in the global address assignment policy.

Joan

Joan, 

Do you recall if the request for DHCP was passing over the internal or external interface of your ASA?

 

 

The DHCP request was passing over the internal interface by routing (as the DHCP server is inside). Note it is not the remote access client which makes a DHCP request directly. It is generated by the ASA which requests the DHCP and then it distributes the IP to the remote access client.