DNS Lookup 1

[burtsbees]

My colleague wants to enable dns lookup on one or more interfaces on the ASA5510 that does the SSL VPN, so that dns servers can be added to the server group to handle dns requests through the vpn tunnel. Does he add that to the outside, inside, or both interfaces? What are the dangers? Thanks.

Burt

 

[Supergrrover]

Make sure you can ping by name from the ASA after you add
dns domain-lookup inside

You should then be be able to put it in the webvpn group policy and point it to the inside DNS server and have it work.




Brent
Systems Engineer / Consultant
CCNP, CCSP

 

[burtsbees]

Thanks Brent! Helpful as always!

Burt

 

[Pra3tor1an]

Hello, I'm the colleague in question. We don't currently have an inside DNS server. All hosts point to outside DNS servers provided by the data center. We use SSL VPN for remote users and also have a tunnel built for VPN access from the office. I think I can enable DNS on the outside interface, but configuring the webvpn and tunnel are also a challenge.