Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

WebVPN Browse Networks by hostname

  • Filter
  • Time
  • Show
Clear All
new posts

  • WebVPN Browse Networks by hostname

    I finally got webvpn going

    but can't figure out why dns is not working!!!
    when I click on Browse Networks or type in the "Address cifs://" the host name, i get "Cannot find server or DNS error"

    Please HELP!!!!

    Thanks in advance

    using: ASA Version 8.2(1)

    interface Ethernet0/0
     description Outside
     nameif outside
     security-level 0
     ip address xx.xx.150.6 
    interface Ethernet0/1
     description Inside
     nameif inside
     security-level 100
     ip address 
    interface Ethernet0/2
     no nameif
     no security-level
     no ip address
    interface Ethernet0/3
     no nameif
     no security-level
     no ip address
    interface Management0/0
     no nameif
     no security-level
     no ip address
    boot system disk0:/asa821-k8.bin
    ftp mode passive
    clock timezone EST -5
    clock summer-time EDT recurring
    dns domain-lookup inside
    dns server-group DefaultDNS
    object-group service INTERFACEPORT tcp
     port-object eq ftp
     port-object eq ftp-data
     port-object eq https
    access-list OUTSIDE_IN extended permit tcp any host object-group INTERFACEPORT 
    access-list OUTSIDE_IN extended permit icmp any any echo-reply 
    access-list INSIDE_IN extended permit ip any any 
    access-list Corp_SPLIT_TUNNEL standard permit 
    access-list NO-NAT extended permit ip any 
    pager lines 24
    mtu outside 1500
    mtu inside 1500
    ip local pool VPN_POOL mask
    ip verify reverse-path interface outside
    ip verify reverse-path interface inside
    icmp permit any echo outside
    icmp permit any echo-reply outside
    icmp permit any inside
    asdm image disk0:/asdm-621.bin
    asdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 0 access-list NO-NAT
    nat (inside) 1
    static (inside,outside) tcp interface ftp ftp netmask 
    static (inside,outside) tcp interface ftp-data ftp-data netmask 
    access-group OUTSIDE_IN in interface outside
    access-group INSIDE_IN in interface inside
    route outside xx.xx.150.1 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    dynamic-access-policy-record DfltAccessPolicy
    http server enable
    http inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
     enable outside
     csd image disk0:/securedesktop-asa-
     svc image disk0:/anyconnect-win-2.3.0254-k9.pkg 1
     svc enable
     tunnel-group-list enable
    group-policy Corp_WEBVPN_POLICY internal
    group-policy Corp_WEBVPN_POLICY attributes
     wins-server none
     dns-server value
     vpn-idle-timeout 600
     vpn-tunnel-protocol svc webvpn
     split-tunnel-policy tunnelspecified
     split-tunnel-network-list value Corp_SPLIT_TUNNEL
      svc keep-installer installed
      svc ask enable
    tunnel-group Corp_WEBVPN_GROUP type remote-access
    tunnel-group Corp_WEBVPN_GROUP general-attributes
     address-pool VPN_POOL
     authentication-server-group (outside) LOCAL
     default-group-policy Corp_WEBVPN_POLICY
    tunnel-group Corp_WEBVPN_GROUP webvpn-attributes
     nbns-server MAKER master timeout 2 retry 2
     group-alias Corp_WEBVPN enable
    class-map inspection_default
     match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
      message-length maximum 512
    policy-map global_policy
     class inspection_default
      inspect ftp 
      inspect h323 h225 
      inspect h323 ras 
      inspect netbios 
      inspect rsh 
      inspect rtsp 
      inspect skinny  
      inspect esmtp 
      inspect sqlnet 
      inspect sunrpc 
      inspect tftp 
      inspect xdmcp 
      inspect dns preset_dns_map 
    policy-map type inspect dns migrated_dns_map_1
      message-length maximum 512
    service-policy global_policy global
    prompt hostname context 
    : end
    Last edited by zklone; 14th June 2009, 14:38.