10-10-2012 01:09 PM
Hi all,
I currently have AnyConnect clients connecting to my ASA and obtaining IPs from the ASA IP address pools I created. Is there a way to get the clients to automatically update the forward and reverse records with this IP? I was looking at the Dynamic DNS management within the ASA, but wasn't sure if this would work.
Thanks in advance,
Bill
10-20-2012 11:37 PM
Hi Bill,
I think this could be accomplished with a dedicated DHCP server.
Windows tries to perform this task automatically:
So once the VPN client gets an IP address from the DHCP server, the server registers the client's name.
Here is an example of how to set up the ASA for this:
ASA/PIX: IPsec VPN Client Addressing Using DHCP Server with ASDM Configuration Example
HTH.
Portu.
Please rate any helpful posts.
07-07-2014 01:17 PM
I hate to respond to 2-year-old posts, but this is the same issue I am seeing. Can the forward/reverse updates be updated if you use local pools instead of a DHCP server? In my environment, it looks like the laptop eventually does a /registerdns, which updates the forward lookup; however, the reverse never gets updated. Is there anything the ASA can do to pass this info on to the DNS server?
08-24-2017 08:01 AM
I am going to bump this post as well.
We have an IP pool defined in the ASA. Clients get the IP no problem. I just need to determine how we tell the ASA to send DDNS updates to our Bluecat servers. I have yet to find a simple answer to this - most involve enabling DHCP server on the ASA, or moving the IPs to our Bluecat DHCP/DNS servers. Neither of these options is appealing to me.
06-26-2018 07:38 AM - edited 06-26-2018 07:39 AM
bump - same experience
03-05-2020 08:39 AM
This is not supported as of now.
In order to have the DDNS and PTR records properly updated when a remote client connects, we need to have the ASA send the FQDN of the remote client to the DHCP server in charge of IP address assignment. Thus the ASA will have to send Option 12 and Option 82 to make it work with the AnyConnect clients. Although we can configure the ASA for DDNS updates, Option 82 is currently not supported on ASA. Right now, the ASA will only send option 12 in the DHCP discover, populated with the hostname, but we would need to have the ASA send DHCP option 81 as well with the FQDN properly inserted. This means that even if you have a DHCP server configured in your network, you wouldn't be able to use DDNS with the AnyConnect clients due to this limitation.
We have an enhancement request: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCsv34395
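To confirm from a packet capture which of these options a DHCPDISCOVER actually carries, the options field can be parsed directly. The following is an added example, not code from this thread or from Cisco; it decodes option 12 and option 81 (Client FQDN, RFC 4702), and the sample option bytes and the name laptop.example.com are constructed.

```python
OPT_PAD, OPT_HOSTNAME, OPT_CLIENT_FQDN, OPT_END = 0, 12, 81, 255

def parse_options(raw: bytes) -> dict:
    """Walk the code/length/value options that follow the DHCP magic cookie."""
    opts, i = {}, 0
    while i < len(raw) and raw[i] != OPT_END:
        code = raw[i]
        if code == OPT_PAD:
            i += 1
            continue
        if i + 2 > len(raw) or i + 2 + raw[i + 1] > len(raw):
            raise ValueError(f"truncated option {code}")
        length = raw[i + 1]
        # Repeated codes are concatenated (split options, RFC 3396).
        opts[code] = opts.get(code, b"") + raw[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def decode_client_fqdn(value: bytes) -> dict:
    """Option 81 layout (RFC 4702): flags, RCODE1, RCODE2, domain name."""
    if len(value) < 3:
        raise ValueError("option 81 shorter than its fixed header")
    flags, name = value[0], value[3:]
    if flags & 0x04:  # E bit: name is in DNS wire format (length-prefixed labels)
        labels, j = [], 0
        while j < len(name) and name[j] != 0:
            n = name[j]
            if j + 1 + n > len(name):
                raise ValueError("truncated label in option 81")
            labels.append(name[j + 1:j + 1 + n].decode("ascii"))
            j += 1 + n
        fqdn = ".".join(labels)
    else:  # deprecated ASCII encoding
        fqdn = name.decode("ascii")
    return {"fqdn": fqdn,
            "server_updates_a": bool(flags & 0x01),  # S bit
            "no_update": bool(flags & 0x08)}         # N bit

def ddns_fields(raw: bytes) -> dict:
    """Report the hostname and Client FQDN a DHCP message carries, if any."""
    opts = parse_options(raw)
    host, fqdn = opts.get(OPT_HOSTNAME), opts.get(OPT_CLIENT_FQDN)
    return {"hostname": host.decode("ascii") if host else None,
            "client_fqdn": decode_client_fqdn(fqdn) if fqdn else None}

# Constructed samples: a DISCOVER with only option 12, and one that also has option 81.
HOST_ONLY = bytes([53, 1, 1, 12, 6]) + b"laptop" + bytes([OPT_END])
WIRE_NAME = b"\x06laptop\x07example\x03com\x00"
WITH_FQDN = HOST_ONLY[:-1] + bytes([81, 3 + len(WIRE_NAME), 0x05, 0, 0]) + WIRE_NAME + bytes([OPT_END])
```

Feed `ddns_fields` the bytes that follow the magic cookie `63 82 53 63` in a captured DHCP message; a `client_fqdn` of `None` means the sender included no option 81.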
09-30-2020 05:54 AM
Thanks for the update. Wanted to ask for further clarification, as BugTracker says it's terminated but only lists an old AnyConnect version. Is sending option 81 still not working?