
Cisco AnyConnect Split-DNS resolution not working in Snow Leopard 10.6

I just upgraded my Cisco AnyConnect client on my ASA 5510 to 2.4.0202 hoping that the VPN would work for my users with Mac OS 10.6 Snow Leopard, but it would appear they are having DNS resolution issues. I use the Split-DNS functionality of the ASA/AnyConnect client to only send DNS queries to the across-the-VPN DNS servers for a couple of domain names.

My brief testing has shown that all DNS queries are being sent to the remote host's local DNS servers rather than to the corporate DNS servers for the Split-DNS domains.

I found Cisco bug ID CSCtc54466 that describes this issue. It describes this issue as being with Mac OS X 10.6 and they claim the issue is with Apple's mDNS code. They say it is “likely to be fixed in Mac OS X 10.6.3”.

In the meantime they claim you can “Restart the mDNSResponder service”. I am assuming you would need to restart this service each time you VPN in? I have not yet looked into how to restart that service either. I will edit this post once I figure it out.

-Eric
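
A check for the split-DNS routing described in the post, as an added example that is not part of the original post or of Cisco's tooling: it parses resolver blocks in the layout printed by macOS `scutil --dns` and reports which servers a name is configured to use. The sample output, the `corp.example` domain and all addresses are constructed, and longest-suffix matching on `domain` is this sketch's assumed model of per-domain resolver selection.

```python
import re

# Constructed sample in the layout of `scutil --dns` output (not captured from a real host).
SAMPLE = """\
resolver #1
  nameserver[0] : 192.168.1.1

resolver #2
  domain   : corp.example
  nameserver[0] : 10.10.0.53
  nameserver[1] : 10.10.0.54
"""

def parse_resolvers(text):
    """Return one dict per resolver block: domain (or None) and its nameservers."""
    resolvers = []
    for line in (raw.strip() for raw in text.splitlines()):
        if re.fullmatch(r"resolver #\d+", line):
            resolvers.append({"domain": None, "nameservers": []})
        elif resolvers and ":" in line:
            # Split on the first colon only, so IPv6 server addresses survive.
            key, value = (part.strip() for part in line.split(":", 1))
            if key == "domain":
                resolvers[-1]["domain"] = value.lower().rstrip(".")
            elif key.startswith("nameserver["):
                resolvers[-1]["nameservers"].append(value)
    return resolvers

def servers_for(name, resolvers):
    """Assumed model: longest matching domain suffix wins, else the default resolver."""
    name = name.lower().rstrip(".")
    # Require a label boundary so notcorp.example does not match corp.example.
    scoped = [r for r in resolvers if r["domain"]
              and (name == r["domain"] or name.endswith("." + r["domain"]))]
    if scoped:
        return max(scoped, key=lambda r: len(r["domain"]))["nameservers"]
    default = [r for r in resolvers if r["domain"] is None]
    return default[0]["nameservers"] if default else []

def misrouted(names, corporate_servers, resolvers):
    """Split-DNS names whose configured servers are missing or not all corporate."""
    corp = set(corporate_servers)
    return [n for n in names
            if not servers_for(n, resolvers) or not set(servers_for(n, resolvers)) <= corp]

if __name__ == "__main__":
    rs = parse_resolvers(SAMPLE)
    corp = ["10.10.0.53", "10.10.0.54"]
    print(servers_for("intranet.corp.example", rs))
    print(misrouted(["intranet.corp.example"], corp, rs))
```

It reports the resolver configuration only; it does not observe where queries are actually sent.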

  1. CPH
    December 10th, 2009 at 06:50 | #1

    Hello there! I am having the same problem, please post as soon as you find this is resolved! I use an ASA 5510 with the AnyConnect client 2.4.0202 as well. My Snow Leopard Macs can only connect via IP, not by name.

  2. December 11th, 2009 at 10:49 | #2

    @CPH I actually just discovered last week that Snow Leopard now has a built-in Cisco IPSEC VPN client! I would highly recommend using that instead. It has worked well for me so far.

    I am going to put up a blog post about it here shortly.

    -Eric
