12-13-2010 10:17 AM
This question pertains to SSL VPN running on an ASA5520 using 8.2. I need to be able to support two "default domain" values in my SSL VPN's Internal Group Policy. The "default domain" field in the Servers section of Internal Group Policy only seems to support one domain name entry. I tried to create a second connection profile and group policy with matching values, except that this new policy contains the second domain name. This did not seem to make any difference. What is the right approach to supporting multiple default domains for SSL VPN connections?
Solved! Go to Solution.
12-13-2010 11:15 AM
Unfortunately, we can only have one default-domain value per group-policy. You can use split-dns to put in multiple domains that can be resolved via the internal dns server( per group-policy), but you would need to put in the entire domain-name when you query in case you want to resolve to right one. Only for the default-domain you can use the name alone to resolve.
12-13-2010 11:15 AM
Unfortunately, we can only have one default-domain value per group-policy. You can use split-dns to put in multiple domains that can be resolved via the internal dns server( per group-policy), but you would need to put in the entire domain-name when you query in case you want to resolve to right one. Only for the default-domain you can use the name alone to resolve.
12-13-2010 11:43 AM
Thanks, Rahul! Editing the group policy's Split Tunneling DNS Names did solve this issue for me. I was able put them in separated by spaces.
12-13-2010 11:49 AM
Great Mark this thread as answered if your issue is resolved.
Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide