VPN client DNS/WINS issue on ASA5510

chalvorsonjr · ‎01-07-2010

Hi,

I was hoping that someone out there could help with this issue. we are implementing a new domain, therefore new DNS/WINs servers. I terminate our clients with our ASA5510. I have changed the DNS and WINs attribues. When the device doles out DHCP to teh clients, the new naming servers are not doled out, so users in my new domain are having issues.

Here is where I changed it.

group-policy UserVPN attributes
wins-server value 10.161.21.41 10.161.21.23
dns-server value 10.161.21.41 10.161.21.23
default-domain value wi02.com

10.161.21.23 is my new naming server, but it is not showing up on the VPN client?

Any help would be greatly appreciated!

Thanks in advance!

Alexandro Carrasquedo · ‎01-07-2010

Is the DHCP giving DNS/WINS as well? Are you trying to get rid of .21.41 or add .21.23 as a secondary wins/dns?

Make sure that group-policy is associated with the tunnel-group you're using, after that do:

group-policy UserVPN attributes
no wins-server value 10.161.21.41 10.161.21.23
no dns-server value 10.161.21.41 10.161.21.23

wins-server value 10.161.21.23
dns-server value 10.161.21.23

that will get rid of .21.41 and put .21.23 ... let us know if that is what you're trying to accomplish.

chalvorsonjr · ‎01-07-2010

Thanks for the reply.

1st question: Yes, DHCP is doling out DNS/WINS server info

2nd question: I am trying to add 21.23 as the secondary DNS/WINS server (this is the new domain controller)

3rd: the group policy is associated with the tunnel group, and my clients are able to join the network just fine. However, my clients are not getting the 21.23 server in their TCP/IP stack when the ASA hands out an IP address?

I hope this answers your questions. is there anything else I could be missing?

Thanks