My ASA cannot connect to DNS server through IPSec VPN tunnel site-to-site

tranminhc
Level 1

Hello forum,

My network infrastructure has a headquarters site and several branch offices. All ends use ASA firewalls. I use IPsec VPN tunnels between the remote sites and the HQ. Everything is working fine except the DNS configured on the ASAs at the branch offices. The DNS server and my monitoring software are located at the HQ site.

From the remote ASAs I cannot resolve FQDN objects; they cannot query my internal DNS servers. However, users at the remote sites can do so as normal.

In addition, I cannot find where to configure the source interface of the DNS and SNMP traffic generated locally by the ASA. I think the problem is that I cannot get the traffic generated by the ASA to go through the VPN tunnel.

How can I resolve this problem? Please advise me! If there is any thread that has the same problem and was resolved, please give me a link.

Thank you,

1 Accepted Solution

Philip D'Ath
VIP Alumni

Include the public IP address of the remote ASA (remote from HQ) in the encryption domain and it will work.
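
The accepted answer as a configuration sketch, added here as an example and not posted by either participant. All object and ACL names, the crypto-map name and sequence number, and the addresses (documentation ranges and made-up private subnets) are assumptions; ASA 8.3 or later NAT syntax is assumed.

```cisco
! Assumed addressing (constructed for this example):
!   Branch LAN 10.20.0.0/24, branch ASA outside IP 203.0.113.10
!   HQ LAN     10.10.0.0/24, HQ DNS server         10.10.0.53

! ---------- Branch ASA ----------
! Existing LAN-to-LAN entry in the crypto ACL (encryption domain)
access-list VPN-TO-HQ extended permit ip 10.20.0.0 255.255.255.0 10.10.0.0 255.255.255.0
! Added entry: traffic the ASA itself sources from its outside (public) IP
access-list VPN-TO-HQ extended permit ip host 203.0.113.10 10.10.0.0 255.255.255.0
crypto map OUTSIDE-MAP 10 match address VPN-TO-HQ

! DNS lookups leave via the outside interface, so they are sourced
! from 203.0.113.10 and now match the crypto ACL
dns domain-lookup outside
dns server-group DefaultDNS
 name-server 10.10.0.53

! ---------- HQ ASA ----------
! The crypto ACL must mirror the branch side
access-list VPN-TO-BRANCH extended permit ip 10.10.0.0 255.255.255.0 10.20.0.0 255.255.255.0
access-list VPN-TO-BRANCH extended permit ip 10.10.0.0 255.255.255.0 host 203.0.113.10
crypto map OUTSIDE-MAP 10 match address VPN-TO-BRANCH

! Assumption: HQ applies dynamic PAT to inside hosts going out. Exempt
! HQ LAN <-> branch public IP so replies are not translated before encryption.
object network HQ-LAN
 subnet 10.10.0.0 255.255.255.0
object network BRANCH-ASA-OUTSIDE
 host 203.0.113.10
nat (inside,outside) source static HQ-LAN HQ-LAN destination static BRANCH-ASA-OUTSIDE BRANCH-ASA-OUTSIDE no-proxy-arp route-lookup

! ---------- Check on the branch ASA ----------
! Expect an SA whose local ident is 203.0.113.10/255.255.255.255
! with encaps/decaps counters increasing after a lookup
show crypto ipsec sa peer 198.51.100.1
```

Here 198.51.100.1 stands in for the HQ ASA's public address. The same added ACL entry covers SNMP polling from the HQ monitoring host, provided the poller targets the branch ASA's public IP.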
