[c-nsp] Resolve the FQDN of the URL published in web VPN in ASA

2011-11-26 Thread Farooq Razzaque


Dear All,

I have the requirement to resolve the FQDN of the URL published in Web VPN in 
the ASA.

When remote users connect to Web VPN, they access one URL (https://fully 
qualified domain name:7004/console-selfservice) which is published in Web VPN 
and which is accessible through the FQDN. So how can I resolve the FQDN against.

Can we do this on the ASA, or can we configure Web VPN so that when remote users 
connect to the VPN they get a DNS server IP to resolve the FQDN?

___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


Re: [c-nsp] Resolve the FQDN of the URL published in web VPN in ASA

2011-11-26 Thread Jay Hennigan
On 11/26/11 11:24 AM, Farooq Razzaque wrote:
> Dear All,
>
> I have the requirement to resolve the FQDN of the URL published in Web VPN in 
> the ASA.
>
> When remote users connect to Web VPN, they access one URL (https://fully 
> qualified domain name:7004/console-selfservice) which is published in Web 
> VPN and which is accessible through the FQDN. So how can I resolve the FQDN 
> against.
>
> Can we do this on the ASA, or can we configure Web VPN so that when remote 
> users connect to the VPN they get a DNS server IP to resolve the FQDN?

Does the FQDN point to the same IP for all users?  Is the base domain a
standard registered name?  If yes to both, you can just publish it in
your regular DNS A records and any resolver worldwide should be able to
find it recursively.

If it points to different IPs then what mechanism determines this?  If a
private domain name like [whatever].local, consider also creating a
public one.

There's nothing preventing you from publishing a public A record that
resolves to private RFC1918 space.  It won't be useful to those who
aren't connected to your private network but that shouldn't matter.

You can also have two variants such as host.example.net - public IP and
host.vpn.example.net - private IP.

Or if the ASA is assigning DHCP to the remote users it can direct them
to a specific name server that has the appropriate zone file.

I'm not 100% clear on exactly what the problem is that you are trying to
solve.  If it's more complex than this, please provide more detail.

--
Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net
Impulse Internet Service  -  http://www.impulse.net/
Your local telephone and internet company - 805 884-6323 - WB6RDV
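
Added example, not part of the original thread and not posted by either participant: ASA configuration for the name-server option mentioned in the reply above, covering both the case where the ASA itself must resolve the published FQDN (clientless portal) and the case where the remote client resolves it. The addresses, the domain `example.net`, the interface name `inside`, and the names `REMOTE-TG` and `REMOTE-GP` are assumptions made for illustration.

```cisco
! Constructed values (assumptions, not from the thread):
!   10.10.10.53  internal DNS server holding the zone for the FQDN
!   example.net  domain of the published URL
!   inside       interface through which the DNS server is reached
!   REMOTE-TG / REMOTE-GP  hypothetical tunnel-group and group-policy names

! Clientless (browser portal) WebVPN: the ASA fetches the published URL on
! the user's behalf, so the ASA itself has to resolve the FQDN.
dns domain-lookup inside
dns server-group DefaultDNS
 name-server 10.10.10.53
 domain-name example.net

tunnel-group REMOTE-TG type remote-access
tunnel-group REMOTE-TG webvpn-attributes
 dns-group DefaultDNS

! Client-based sessions: the remote host does the lookup, so hand it the
! internal resolver and default domain together with its address.
group-policy REMOTE-GP attributes
 dns-server value 10.10.10.53
 default-domain value example.net

tunnel-group REMOTE-TG general-attributes
 default-group-policy REMOTE-GP
```

Pointing remote users at an internal resolver keeps the private zone out of public DNS, which is the alternative to publishing an A record that resolves to RFC1918 space.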