On 11/26/11 11:24 AM, Farooq Razzaque wrote: > > > Dear All, > > I have the requirement to resolve the FQDN of the URL published in web VPN in > ASA. > > When remote users connect to web vpn then they access one URL (https://fully > qualified domain name:7004/console-selfservice) which is published in Web > VPN and which is accessible through FQDN. So how i can resolve the FQDN > against. > > Can we done this on ASA. or can we configure Web VPN so that when remote > users connect to VPN they can get DNS server IP to resolve the FQDN
Does the FQDN point to the same IP for all users? Is the base domain a standard registered name? If yes to both, you can just publish it in your regular DNS A records and any resolver worldwide should be able to find it recursively. If it points to different IPs then what mechanism determines this? If a private domain name like [whatever].local, consider also creating a public one. There's nothing preventing you from publishing a public A record that resolves to private RFC1918 space. It won't be useful to those who aren't connected to your private network but that shouldn't matter. You can also have two variants such as host.example.net -> public IP and host.vpn.example.net -> private IP. Or if the ASA is assigning DHCP to the remote users it can direct them to a specific name server that has the appropriate zone file. I'm not 100% clear on exactly what the problem is that you are trying to solve. If it's more complex than this, please provide more detail. -- Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
