Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2732
Views
30
Helpful
31
Replies

vpn issue

kp-tkr2014
Level 1
Level 1

‎03-02-2020 08:22 PM

Hi,

 using cisco asa 9.x code  and the below configuration . 

we are using two dns server for internal url resolving and external dns resolving 

internal test.local and external test.com 

The problem remote users using anyconnect cannot resolve the dns 

 

 

group-policy Test internal
group-policy Test attributes
wins-server none
dns-server value 192.168.100.1
vpn-tunnel-protocol ikev1 ssl-client

split-tunnel-policy tunnelspecified
split-tunnel-network-list value testsplitacl
default-domain value test.local
address-pools value test

Thanks

 

Labels:
0 Helpful
31 Replies 31

kp-tkr2014
Level 1
Level 1
In response to Sheraz.Salim

‎03-10-2020 06:50 AM


Hi
I got no luck with the version
0 Helpful

kp-tkr2014
Level 1
Level 1
In response to kp-tkr2014

‎03-16-2020 02:44 AM - edited ‎03-16-2020 03:01 AM

Hi,

In tunnel packet capture from the remote client I can  see the dns server query response  like below " 

".... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server

 

And also captured on the  firewall 

asa capture packets.png

i can see the response in both case with the same error . 

So I think the traffic between dns server and the remote client is ok 

 

 

Below the dns error from capture 

 

1564204.jpg

Please help

Thanks

 

0 Helpful
Customers Also Viewed These Support Documents