Hey guys. I have a quick question about split tunneling in Cisco ASA for a Cisco Jabber implementation on remote VPN clients. We have a cisco ASA that has Cisco group policy for remote VPN users with the option to tunnel all DNS queries over the tunnel. Everything is working fine but now that we want to implement Cisco Jabber on these VPN clients, in Cisco’s documentation, it says we need to make the queries for the expressway go directly to the Internet instead of going over the tunnel, it is part of the requirement. We first have tried to implement a DNS query block on the firepower module so that it doesn’t traverse over the tunnel but still we keep getting domain not found replies and doesn’t fallback as we were expecting and use the DNS of the physical interface. Has anyone had similar implementation and was able to find a work around for this issue ?
No comments:
Post a Comment