This is because NSLookup does not rely on the OS DNS resolver. Instead, rely on a browser or use the ping command. Note: Avoid the use of the NSLookup when you test the name resolution on the client. However, the behaviors that are described in this document can be different, based on the Operating System (OS). If you do not have split DNS defined, then all of the DNS queries are sent to the DNS servers which are defined by the ASA. If there are no DNS servers defined by the ASA, then the DNS settings are blank for the tunnel. In all cases, the DNS queries which are defined to move through the tunnel, go to any DNS servers which are defined by ASA. Before this version, you could only do split DNS or standard DNS. Note: The split-tunnel-all-dns command was first implemented in ASA Version 8.2(5). In the case of a negative response, the DNS queries can also go to the DNS servers which are configured on the physical adapter. Standard DNS - All of the DNS queries move through the DNS servers which are defined by the ASA.This setting is configured in the group policy. Tunnel-all-DNS - Only DNS traffic to the DNS servers which are defined by the ASA is allowed. ![]() They move through the tunnel (to the DNS servers that are defined on the ASA, for example) while others do not.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |